events.splunk.com Open in urlscan Pro
142.0.173.20 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s1528.t.en25.com/e/er?s=1528&lid=46387&elqTrackId=8eff7aef46e64cbd9c0b57500a94a69b&elq=47deb7bd9f9e4f7c884cbddbcf...
Effective URL:
https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_...
Submission: On June 28 via manual (June 28th 2022, 1:20:18 pm UTC) from CA — Scanned from CA

Summary HTTP 140 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 58 IPs in 5 countries across 45 domains to perform 140 HTTP transactions. The main IP is 142.0.173.20, located in United States and belongs to NETDYNAMICS, US. The main domain is events.splunk.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 17th 2021. Valid for: a year.

This is the only time events.splunk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	142.0.173.42 142.0.173.42	7160 (NETDYNAMICS) (NETDYNAMICS)
2 3	142.0.173.31 142.0.173.31	7160 (NETDYNAMICS) (NETDYNAMICS)
1	142.0.173.20 142.0.173.20	7160 (NETDYNAMICS) (NETDYNAMICS)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	23.1.192.215 23.1.192.215	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
5	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	152.199.2.76 152.199.2.76	15133 (EDGECAST) (EDGECAST)
5	2607:f8b0:400... 2607:f8b0:4006:822::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:808::200e	15169 (GOOGLE) (GOOGLE)
3	2600:1901:0:a... 2600:1901:0:a57b::	15169 (GOOGLE) (GOOGLE)
1	2600:141b:13:... 2600:141b:13::17d7:82d1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	99.84.31.73 99.84.31.73	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	99.84.22.46 99.84.22.46	16509 (AMAZON-02) (AMAZON-02)
2	3.121.48.255 3.121.48.255	16509 (AMAZON-02) (AMAZON-02)
1	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
10	23.1.193.196 23.1.193.196	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:650c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.208.217.104 23.208.217.104	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2607:f8b0:400... 2607:f8b0:4004:c09::9c	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	104.18.100.194 104.18.100.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	68.67.161.210 68.67.161.210	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2600:141b:13:... 2600:141b:13:7a7::1c91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:27::... 2620:1ec:27::cafe:1822	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
1	99.84.194.217 99.84.194.217	16509 (AMAZON-02) (AMAZON-02)
2	18.210.134.214 18.210.134.214	14618 (AMAZON-AES) (AMAZON-AES)
2 3	68.67.179.135 68.67.179.135	29990 (ASN-APPNEX) (ASN-APPNEX)
3	20.85.30.134 20.85.30.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 6	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 2	20.110.81.91 20.110.81.91	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700:303... 2606:4700:3035::6815:4687	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE)
4	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
2 2	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	146.75.36.157 146.75.36.157	54113 (FASTLY) (FASTLY)
1	13.33.94.103 13.33.94.103	16509 (AMAZON-02) (AMAZON-02)
1	99.84.23.225 99.84.23.225	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:213... 2600:9000:213b:a00:12:dfa9:e200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.236.151.164 54.236.151.164	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	99.84.28.145 99.84.28.145	16509 (AMAZON-02) (AMAZON-02)
1 2	209.54.180.3 209.54.180.3	16509 (AMAZON-02) (AMAZON-02)
1	13.48.144.168 13.48.144.168	16509 (AMAZON-02) (AMAZON-02)
1	13.33.94.123 13.33.94.123	16509 (AMAZON-02) (AMAZON-02)
2 2	52.0.243.149 52.0.243.149	14618 (AMAZON-AES) (AMAZON-AES)
2 4	13.33.94.51 13.33.94.51	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	3.216.183.243 3.216.183.243	14618 (AMAZON-AES) (AMAZON-AES)
140	58

1 142.0.173.42 (United States) 1 redirects

ASN7160 (NETDYNAMICS, US)

s1528.t.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.0.173.31 (United States) 2 redirects

ASN7160 (NETDYNAMICS, US)

s1528.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.0.173.20 (United States)

ASN7160 (NETDYNAMICS, US)

events.splunk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 23.1.192.215 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-1-192-215.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 152.199.2.76 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:822::2008 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:808::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:a57b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sgtm.splunk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:82d1 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.31.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-31-73.gig51.r.cloudfront.net

t.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.22.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-22-46.gig51.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.48.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-48-255.eu-central-1.compute.amazonaws.com

tm.vendemore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.vendemore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

metadata-static-files.sfo2.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.1.193.196 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-1-193-196.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.208.217.104 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-217-104.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::2003 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2004 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.100.194 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.161.210 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 805.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13:7a7::1c91 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1822 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.194.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-194-217.lax3.r.cloudfront.net

d2hya7iqhf5w3h.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.210.134.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-134-214.compute-1.amazonaws.com

c.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.179.135 (Secaucus, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

j.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.71.131.137 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.81.91 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:4687 (United States)

ASN13335 (CLOUDFLARENET, US)

v2.listenloop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.36.157 (Reston, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.94.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-94-103.gig51.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.23.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-23-225.gig51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:213b:a00:12:dfa9:e200:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.inzynk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.236.151.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-151-164.compute-1.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.28.145 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-28-145.gig51.r.cloudfront.net

d6tizftlrpuof.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.180.3 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.48.144.168 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-48-144-168.eu-north-1.compute.amazonaws.com

analytics.inzynk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.94.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-94-123.gig51.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.243.149 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-243-149.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.33.94.51 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-94-51.gig51.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.216.183.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-183-243.compute-1.amazonaws.com

abm2.listenloop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	en25.com 1 redirects s1528.t.en25.com — Cisco Umbrella Rank: 577167 img.en25.com — Cisco Umbrella Rank: 5745	321 KB
11	6sc.co j.6sc.co — Cisco Umbrella Rank: 7170 c.6sc.co — Cisco Umbrella Rank: 10598 ipv6.6sc.co — Cisco Umbrella Rank: 7405 b.6sc.co — Cisco Umbrella Rank: 4734	17 KB
8	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1332 insight.adsrvr.org — Cisco Umbrella Rank: 594 match.adsrvr.org — Cisco Umbrella Rank: 367	7 KB
7	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2452 rs.fullstory.com — Cisco Umbrella Rank: 1958	141 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 579 j.clarity.ms — Cisco Umbrella Rank: 5408 c.clarity.ms — Cisco Umbrella Rank: 1113	26 KB
7	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 982 trc.taboola.com — Cisco Umbrella Rank: 672 pips.taboola.com — Cisco Umbrella Rank: 1482 cds.taboola.com — Cisco Umbrella Rank: 1377 trc-events.taboola.com — Cisco Umbrella Rank: 1600	22 KB
6	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 119 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	1 KB
5	company-target.com 2 redirects api.company-target.com — Cisco Umbrella Rank: 2674 segments.company-target.com — Cisco Umbrella Rank: 1198	3 KB
5	linkedin.com 5 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 395 www.linkedin.com — Cisco Umbrella Rank: 485 px4.ads.linkedin.com — Cisco Umbrella Rank: 5675	4 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	393 KB
5	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 450	111 KB
4	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 408 ib.adnxs.com — Cisco Umbrella Rank: 244	3 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 362 c.bing.com — Cisco Umbrella Rank: 182	13 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	21 KB
4	splunk.com events.splunk.com sgtm.splunk.com — Cisco Umbrella Rank: 203259	16 KB
3	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 327 s.amazon-adsystem.com — Cisco Umbrella Rank: 286	9 KB
3	google.ca www.google.ca — Cisco Umbrella Rank: 7301	671 B
3	google.com analytics.google.com — Cisco Umbrella Rank: 541 www.google.com — Cisco Umbrella Rank: 8	912 B
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 1975 tr.outbrain.com — Cisco Umbrella Rank: 1779	4 KB
3	contentsquare.net t.contentsquare.net — Cisco Umbrella Rank: 3541 c.contentsquare.net — Cisco Umbrella Rank: 3458	72 KB
3	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 7048	33 KB
3	eloqua.com 2 redirects s1528.t.eloqua.com — Cisco Umbrella Rank: 633004	2 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 635	452 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 474	1019 B
2	inzynk.io tags.inzynk.io — Cisco Umbrella Rank: 171678 analytics.inzynk.io — Cisco Umbrella Rank: 129639	18 KB
2	listenloop.com v2.listenloop.com — Cisco Umbrella Rank: 69677 abm2.listenloop.com — Cisco Umbrella Rank: 68776	34 KB
2	cloudfront.net d2hya7iqhf5w3h.cloudfront.net d6tizftlrpuof.cloudfront.net	7 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	500 B
2	adsymptotic.com 1 redirects p.adsymptotic.com — Cisco Umbrella Rank: 502	539 B
2	vendemore.com tm.vendemore.com — Cisco Umbrella Rank: 156021 analytics.vendemore.com — Cisco Umbrella Rank: 152869	930 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	109 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2211	32 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 516	353 B
1	t.co t.co — Cisco Umbrella Rank: 455	336 B
1	usabilla.com w.usabilla.com — Cisco Umbrella Rank: 3147	14 KB
1	demandbase.com scripts.demandbase.com — Cisco Umbrella Rank: 5597	16 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 632	14 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 336	916 B
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 5501	1 KB
1	digitaloceanspaces.com metadata-static-files.sfo2.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 31966	6 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 780	3 KB
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 8307	203 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 766	435 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 630	33 KB
0	amazonaws.com Failed pt37ad6f6a.execute-api.us-east-1.amazonaws.com Failed
140	45

	Domain	Requested by
24	img.en25.com	events.splunk.com img.en25.com
8	b.6sc.co	events.splunk.com
5	www.googletagmanager.com	events.splunk.com www.googletagmanager.com
5	cdn.cookielaw.org	events.splunk.com cdn.cookielaw.org
4	segments.company-target.com	2 redirects
4	rs.fullstory.com	cdn.bizible.com edge.fullstory.com
4	match.adsrvr.org	js.adsrvr.org
4	stats.g.doubleclick.net	cdn.bizible.com www.googletagmanager.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com cdn.bizible.com
3	edge.fullstory.com	events.splunk.com rs.fullstory.com edge.fullstory.com
3	j.clarity.ms	cdn.bizible.com
3	ib.adnxs.com	2 redirects cdn.bizible.com
3	px.ads.linkedin.com	3 redirects
3	www.google.ca	events.splunk.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com events.splunk.com
3	sgtm.splunk.com	cdn.bizible.com www.google-analytics.com
3	cdn.bizible.com	events.splunk.com cdn.bizible.com
3	s1528.t.eloqua.com	2 redirects events.splunk.com
2	id.rlcdn.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	s.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	trc-events.taboola.com	cdn.bizible.com
2	cm.g.doubleclick.net	2 redirects
2	c.clarity.ms	1 redirects
2	insight.adsrvr.org	1 redirects js.adsrvr.org
2	c.contentsquare.net	events.splunk.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	www.facebook.com	events.splunk.com
2	tr.outbrain.com	amplify.outbrain.com events.splunk.com
2	p.adsymptotic.com	1 redirects events.splunk.com
2	www.google.com	events.splunk.com
2	js.adsrvr.org	www.googletagmanager.com match.adsrvr.org
2	connect.facebook.net	events.splunk.com connect.facebook.net
2	cdn.taboola.com	www.googletagmanager.com cdn.taboola.com
2	stackpath.bootstrapcdn.com	events.splunk.com
1	abm2.listenloop.com	edge.fullstory.com
1	api.company-target.com	cdn.bizible.com
1	analytics.inzynk.io	tags.inzynk.io
1	d6tizftlrpuof.cloudfront.net	events.splunk.com
1	analytics.twitter.com
1	t.co
1	w.usabilla.com	events.splunk.com
1	tags.inzynk.io	www.googletagmanager.com
1	c.amazon-adsystem.com	events.splunk.com
1	scripts.demandbase.com	events.splunk.com
1	static.ads-twitter.com	www.googletagmanager.com
1	pixel.rubiconproject.com	1 redirects
1	v2.listenloop.com	events.splunk.com
1	c.bing.com	1 redirects
1	analytics.vendemore.com	cdn.bizible.com
1	d2hya7iqhf5w3h.cloudfront.net	tm.vendemore.com
1	cds.taboola.com	cdn.bizible.com
1	pips.taboola.com	cdn.bizible.com
1	ipv6.6sc.co	cdn.bizible.com
1	c.6sc.co	cdn.bizible.com
1	secure.adnxs.com	cdn.bizible.com
1	px4.ads.linkedin.com	1 redirects
1	www.linkedin.com	1 redirects
1	analytics.google.com	www.googletagmanager.com
1	trc.taboola.com	cdn.taboola.com
1	amplify.outbrain.com	events.splunk.com
1	ws.zoominfo.com	events.splunk.com
1	j.6sc.co	events.splunk.com
1	metadata-static-files.sfo2.cdn.digitaloceanspaces.com	events.splunk.com
1	tm.vendemore.com	events.splunk.com
1	t.contentsquare.net	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	cdn.bizibly.com	events.splunk.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	code.jquery.com	events.splunk.com
1	events.splunk.com
1	s1528.t.en25.com	1 redirects
0	pt37ad6f6a.execute-api.us-east-1.amazonaws.com Failed	edge.fullstory.com
140	73

This site contains links to these domains. Also see Links.

Domain
s1528.t.en25.com
www.splunk.com

Subject Issuer	Validity	Valid
events.splunk.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-17` - `2022-09-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.en25.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-09-14`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
io.bizible.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-30` - `2022-07-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
www.sgtm.splunk.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
t.contentsquare.net Amazon	`2021-11-13` - `2022-12-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-06` - `2022-07-05`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.vendemore.com Trusted Secure Certificate Authority 5	`2022-01-27` - `2023-02-21`	a year	crt.sh
*.sfo2.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-05-03`	a year	crt.sh
*.6sc.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-08` - `2023-03-11`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
c.contentsquare.net Amazon	`2021-09-14` - `2022-10-12`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2022-06-11` - `2022-09-09`	3 months	crt.sh
*.fullstory.com R3	`2022-06-14` - `2022-09-12`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-18` - `2022-10-14`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.inzynk.io Sectigo RSA Domain Validation Secure Server CA	`2022-01-07` - `2023-01-07`	a year	crt.sh
w.usabilla.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-21`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-20` - `2022-09-26`	a year	crt.sh
*.listenloop.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-06-16` - `2023-06-19`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Frame ID: 6C757BA1291BE3A34997F56E652A937C
Requests: 134 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=65d5w9m&ref=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&upid=zfbopfz&upv=1.1.0
Frame ID: 3F0C777738B71B478B8713FF80CC7C92
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=t0q4wl6&ref=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&upid=afx4zne&upv=1.1.0
Frame ID: 47355CA45E25B682900C492A37F45304
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=eb8c085e-dd03-4eda-9158-129c27565711&google_gid=CAESEKIBDwWDDbQwPzUWI0s91Xk&google_cver=1
Frame ID: A0149730A66F3FB0375006F8F1AC1281
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=2183682153966211275&ttd_tdid=eb8c085e-dd03-4eda-9158-129c27565711
Frame ID: D6ADD2893324AF8CBB00B114CDF2C62A
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: 4BD1129CA42140FB7D3DDEBEBCF25485
Requests: 1 HTTP requests in this frame

Frame: https://w.usabilla.com/26b58e1d9d1d.js?lv=1
Frame ID: E1BB2EE96A51792ED97AF072607C90A9
Requests: 1 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/splunk-button-77a48f8f9f814cbca9e89a9cef1a2ace.png
Frame ID: 599F41CA687E178834DBEC01B5AD852B
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?pid=3fcbe918-6424-4b3d-95aa-68d72d53fbd1&event=PageView&ts=1656422416422&dcc=t
Frame ID: 13FF5CC770F7F0050E7A46E8896181B0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sip & SOAR to Risk-Based Alerting | Virtual Event | Splunk

Page URL History Show full URLs

https://s1528.t.en25.com/e/er?s=1528&lid=46387&elqTrackId=8eff7aef46e64cbd9c0b57500a94a69b&elq=47deb7... HTTP 302
https://s1528.t.eloqua.com/e/er?s=1528&lid=46387&elqTrackId=8eff7aef46e64cbd9c0b57500a94a69b&elq=47deb7... HTTP 302
https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campa... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

140
Requests

94 %
HTTPS

34 %
IPv6

45
Domains

73
Subdomains

58
IPs

5
Countries

1561 kB
Transfer

4455 kB
Size

80
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://s1528.t.en25.com/e/er?s=1528&lid=7214&elqTrackId=03ff43e65ec54f0b9918101ddc3b2b84&elq=00000000000000000000000000000000&elqaid=9679&elqat=2&utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1

Search URL Search Domain Scan URL

URL: https://s1528.t.en25.com/e/er?s=1528&lid=7911&elqTrackId=5fb19f3d28ee495e8ff3d1c007a1bb6b&elq=00000000000000000000000000000000&elqaid=9679&elqat=2&utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Title: Websites Terms and Conditions of Use

Search URL Search Domain Scan URL

URL: https://s1528.t.en25.com/e/er?s=1528&lid=8129&elqTrackId=510c1b8d8d674991bd35aa7bcaafb154&elq=00000000000000000000000000000000&elqaid=9679&elqat=2&utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Title: Subsidiaries

Search URL Search Domain Scan URL

URL: https://s1528.t.en25.com/e/er?s=1528&lid=6852&elqTrackId=5ab49687a5ef4f51b951504f587d2ba2&elq=00000000000000000000000000000000&elqaid=9679&elqat=2&utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://s1528.t.en25.com/e/er?s=1528&lid=4309&elqTrackId=324bf3ee220b46e5a92814829918f411&elq=00000000000000000000000000000000&elqaid=9679&elqat=2&utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1

Search URL Search Domain Scan URL

URL: https://s1528.t.en25.com/e/er?s=1528&lid=7628&elqTrackId=7fd166a25d9d40609c9592244ef1c0e8&elq=00000000000000000000000000000000&elqaid=9679&elqat=2&utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1

Search URL Search Domain Scan URL

URL: https://s1528.t.en25.com/e/er?s=1528&lid=13337&elqTrackId=cd909e5a9ab6419194df4bd0f15a1cb9&elq=00000000000000000000000000000000&elqaid=9679&elqat=2&utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1

Search URL Search Domain Scan URL

URL: https://s1528.t.en25.com/e/er?s=1528&lid=35&elqTrackId=9f28f39bb66c4158bfa75e99816ace86&elq=00000000000000000000000000000000&elqaid=9679&elqat=2&utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1

Search URL Search Domain Scan URL

URL: https://s1528.t.en25.com/e/er?s=1528&lid=4849&elqTrackId=488630d4e46949d7902ad8b677925129&elq=00000000000000000000000000000000&elqaid=9679&elqat=2&utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1

Search URL Search Domain Scan URL

URL: https://s1528.t.en25.com/e/er?s=1528&lid=12668&elqTrackId=63f370ecf5bf4e34a7d637da987ba29f&elq=00000000000000000000000000000000&elqaid=9679&elqat=2&utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://s1528.t.en25.com/e/er?s=1528&lid=6852&elqTrackId=322d0688cf4d4c4bb822264e7e149b89&elq=00000000000000000000000000000000&elqaid=9679&elqat=2&utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Title: Privacy

Search URL Search Domain Scan URL

URL: https://s1528.t.en25.com/e/er?s=1528&lid=7911&elqTrackId=b9a2a521feaa48abb0195e1a08b45a73&elq=00000000000000000000000000000000&elqaid=9679&elqat=2&utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Title: Website Terms of Use

Search URL Search Domain Scan URL

URL: https://s1528.t.en25.com/e/er?s=1528&lid=20935&elqTrackId=f3056b0d3e7c45649890721d33ade737&elq=00000000000000000000000000000000&elqaid=9679&elqat=2&utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Title: Splunk Licensing Terms

Search URL Search Domain Scan URL

URL: https://s1528.t.en25.com/e/er?s=1528&lid=12666&elqTrackId=1e839a5641d1496798107acb10ab644d&elq=00000000000000000000000000000000&elqaid=9679&elqat=2&utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Title: Export Control

Search URL Search Domain Scan URL

URL: https://s1528.t.en25.com/e/er?s=1528&lid=20934&elqTrackId=16d6fa0cdeae47348c55d356ae69c04f&elq=00000000000000000000000000000000&elqaid=9679&elqat=2&utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Title: Modern Slavery Statement

Search URL Search Domain Scan URL

URL: https://s1528.t.en25.com/e/er?s=1528&lid=20933&elqTrackId=7f4e250c119248168a9aab53a3d7882a&elq=00000000000000000000000000000000&elqaid=9679&elqat=2&utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Title: Splunk Patents

Search URL Search Domain Scan URL

URL: https://www.splunk.com/en_us/legal/splunk-cookie-policy.html
Title: Learn more here ›

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s1528.t.en25.com/e/er?s=1528&lid=46387&elqTrackId=8eff7aef46e64cbd9c0b57500a94a69b&elq=47deb7bd9f9e4f7c884cbddbcf1d755e&elqaid=56160&elqat=1 HTTP 302
https://s1528.t.eloqua.com/e/er?s=1528&lid=46387&elqTrackId=8eff7aef46e64cbd9c0b57500a94a69b&elq=47deb7bd9f9e4f7c884cbddbcf1d755e&elqaid=56160&elqat=1 HTTP 302
https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://s1528.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=1528&PURLSiteID=4&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=9679&PURLRecordID=0&PURLGUID=B3B00AF4C25144AA885125C9FFF7E027&UseRelativePath=True&elq={00000000-0000-0000-0000-000000000000}&firstPartyCookieDomain=events.splunk.com&elqGUID=b3b00af4-c251-44aa-8851-25c9fff7e027&elq_ck=0&utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1 HTTP 302
https://s1528.t.eloqua.com/eloquaimages/tinydot.gif

Request Chain 73

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1656422411792&url=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26utm_source%3Dsplunk%26utm_medium%3Demail%26LST%3DEmail1 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1656422411792&url=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26utm_source%3Dsplunk%26utm_medium%3Demail%26LST%3DEmail1&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D66727%26time%3D1656422411792%26url%3Dhttps%253A%252F%252Fevents.splunk.com%252FSip-SOAR-to-Risk-Based-Alerting%253Futm_campaign%253DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%2526utm_source%253Dsplunk%2526utm_medium%253Demail%2526LST%253DEmail1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1656422411792&url=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26utm_source%3Dsplunk%26utm_medium%3Demail%26LST%3DEmail1&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1656422411792&url=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26utm_source%3Dsplunk%26utm_medium%3Demail%26LST%3DEmail1&cookiesTest=true&liSync=true&e_ipv6=AQJfffyK407BYgAAAYGqeC9cFb2ocCXiwO-iqvJoUVVwf-o-seGOef0dFzxnEx3cVlmVcOyi HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=ff200631-5f9e-457e-a440-85038418e27c HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=ff200631-5f9e-457e-a440-85038418e27c&_expected_cookie=43219dd62c7a7f908207b4b011893c88

Request Chain 98

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3221953A695148E9AD076E17D7C03A13&RedC=c.clarity.ms&MXFR=3D4137B8C5706077337F2669C1706ECE HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3221953A695148E9AD076E17D7C03A13&MUID=0CF0F803E2516D3B3FA9E9D2E37B6C57

Request Chain 99

https://insight.adsrvr.org/track/up?adv=t0q4wl6&ref=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&upid=afx4zne&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=t0q4wl6&ref=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&upid=afx4zne&upv=1.1.0

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZWI4YzA4NWUtZGQwMy00ZWRhLTkxNTgtMTI5YzI3NTY1NzEx&gdpr=0&gdpr_consent=&ttd_tdid=eb8c085e-dd03-4eda-9158-129c27565711 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=ZWI4YzA4NWUtZGQwMy00ZWRhLTkxNTgtMTI5YzI3NTY1NzEx&gdpr=0&gdpr_consent=&ttd_tdid=eb8c085e-dd03-4eda-9158-129c27565711&google_tc= HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=eb8c085e-dd03-4eda-9158-129c27565711&google_gid=CAESEKIBDwWDDbQwPzUWI0s91Xk&google_cver=1

Request Chain 105

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=eb8c085e-dd03-4eda-9158-129c27565711 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Deb8c085e-dd03-4eda-9158-129c27565711 HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=2183682153966211275&ttd_tdid=eb8c085e-dd03-4eda-9158-129c27565711

Request Chain 106

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=eb8c085e-dd03-4eda-9158-129c27565711&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

Request Chain 127

https://s.amazon-adsystem.com/iu3?pid=3fcbe918-6424-4b3d-95aa-68d72d53fbd1&event=PageView&ts=1656422416422 HTTP 302
https://s.amazon-adsystem.com/iu3?pid=3fcbe918-6424-4b3d-95aa-68d72d53fbd1&event=PageView&ts=1656422416422&dcc=t

Request Chain 130

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAEJDE7FdgAAABLElq71cA HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAEJDE7FdgAAABLElq71cA&verifyHash=531753eb11bb31190ada40701ed0c6ec5411d3d5

Request Chain 131

https://id.rlcdn.com/464526.gif HTTP 307
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCJGA7JUGEgUI6AcQAEIASgA HTTP 307
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc129749iQBn19XOg-tsxxECY8u404Qb8z68MXew-p-XnupLw HTTP 303
https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc129749iQBn19XOg-tsxxECY8u404Qb8z68MXew-p-XnupLw&verifyHash=93f4a940410f634236cfc808941416c49fbed082

140 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Sip-SOAR-to-Risk-Based-Alerting Show response
events.splunk.com/
Redirect Chain

https://s1528.t.en25.com/e/er?s=1528&lid=46387&elqTrackId=8eff7aef46e64cbd9c0b57500a94a69b&elq=47deb7bd9f9e4f7c884cbddbcf1d755e&elqaid=56160&elqat=1
https://s1528.t.eloqua.com/e/er?s=1528&lid=46387&elqTrackId=8eff7aef46e64cbd9c0b57500a94a69b&elq=47deb7bd9f9e4f7c884cbddbcf1d755e&elqaid=56160&elqat=1
https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1

81 KB
16 KB

1942ms
1787ms

Document
text/html

142.0.173.20
NETDYNAMICS

General

Check archive.org

Show headers Download Go to

Full URL

https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.0.173.20 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

dac06c3ef05129947ab8af3268303eabb670f9bc3d82ae3918637f94f463eee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-store
Content-Encoding: gzip
Content-Length: 15724
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Jun 2022 13:20:10 GMT
Expires: -1
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Redirect headers

Cache-Control: no-store
Content-Length: 292
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Jun 2022 13:20:07 GMT
Expires: -1
Location: https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-Xss-Protection: 1; mode=block

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/ 119 KB
20 KB 50ms
23ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css

Requested by

Host: events.splunk.com
URL: https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://events.splunk.com/
Origin: https://events.splunk.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 1761
cdn-cachedat: 2021-06-08 14:28:03
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 109a688021e36b504e78f273b3449ba3
cf-ray: 7226b7e4c8664bcb-YUL
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK %7B6190daac-134e-41a8-a14b-b5f63bdc2cc5%7D_splunk-data-sans.css
img.en25.com/Web/SplunkInc/ 83 KB
63 KB 91ms
24ms Stylesheet
text/css 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/Web/SplunkInc/%7B6190daac-134e-41a8-a14b-b5f63bdc2cc5%7D_splunk-data-sans.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

eb9dde5b0100f6fa114a75ec6662bd75575b3d677cff4f70c0545c08300ac2ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 63906
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 26 Mar 2020 16:24:34 GMT
Date: Tue, 28 Jun 2022 13:20:11 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-store
ETag: "18c02998b3d61:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H/1.1 200
OK %7Bd8269de2-df43-45aa-8af4-fb6f7095cfd3%7D_style_lp_2022_final.css
img.en25.com/Web/SplunkInc/ 35 KB
7 KB 90ms
24ms Stylesheet
text/css 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/Web/SplunkInc/%7Bd8269de2-df43-45aa-8af4-fb6f7095cfd3%7D_style_lp_2022_final.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

423a5721f1ed5aa4ca4b96deb576271a6cb3fc42a3c3cd11c9327284254d3f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 6619
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Tue, 24 May 2022 13:29:59 GMT
Date: Tue, 28 Jun 2022 13:20:11 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-store
ETag: "6ba2735d726fd81:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H/1.1 200
OK %7Bc8604310-f703-4114-8ad9-d86aaa409cd4%7D_style_lp_2020_additional.css
img.en25.com/Web/SplunkInc/ 3 KB
1 KB 89ms
23ms Stylesheet
text/css 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/Web/SplunkInc/%7Bc8604310-f703-4114-8ad9-d86aaa409cd4%7D_style_lp_2020_additional.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

7140ad22c7984782117601ce9c164359adff68b070e692079f950473938ccdbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 776
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Tue, 24 May 2022 13:09:29 GMT
Date: Tue, 28 Jun 2022 13:20:11 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-store
ETag: "386663806f6fd81:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H/1.1 200
OK %7Bee53b8d2-3577-41a9-924d-e67b4e8acd00%7D_submitButtonStyle.css
img.en25.com/Web/SplunkInc/ 348 B
778 B 93ms
24ms Stylesheet
text/css 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/Web/SplunkInc/%7Bee53b8d2-3577-41a9-924d-e67b4e8acd00%7D_submitButtonStyle.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

75afc0ac0524c8394367a5f8c558aa0f2466e594be89fbd2d67ad4f90be66e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 196
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 12 May 2022 19:02:31 GMT
Date: Tue, 28 Jun 2022 13:20:11 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-store
ETag: "df82aed43266d81:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
code.jquery.com/ 95 KB
33 KB 83ms
25ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: events.splunk.com
URL: https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer: https://events.splunk.com/
Origin: https://events.splunk.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:11 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-17b8b"
vary: Accept-Encoding
x-hw: 1656422411.dop055.dc2.t,1656422411.cds214.dc2.hn,1656422411.cds207.dc2.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33738

GET
H/1.1 200
OK %7B19a539b9-3a7f-484c-83f4-f542208cddd4%7D_crmt-form-strings_200618-EN.js Show response
img.en25.com/Web/SplunkInc/ 1 KB
1006 B 97ms
25ms Script
application/x-javascript 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/Web/SplunkInc/%7B19a539b9-3a7f-484c-83f4-f542208cddd4%7D_crmt-form-strings_200618-EN.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

6e5b1784c20ec25b8dfd23ce10d089a5ec4c5cd527a87030ea617ed39c190455

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 408
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 17 Feb 2022 21:03:31 GMT
Date: Tue, 28 Jun 2022 13:20:11 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
ETag: "8fa9acd14124d81:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H/1.1 200
OK %7B96125654-4651-49ca-886d-27933684999e%7D_script-form-2020_final_-_11_11_21_update.js Show response
img.en25.com/Web/SplunkInc/ 18 KB
5 KB 102ms
24ms Script
application/x-javascript 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/Web/SplunkInc/%7B96125654-4651-49ca-886d-27933684999e%7D_script-form-2020_final_-_11_11_21_update.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

54e752d789aafe467b43bac6c58b58ea32d111a889ea2c9385fd821b93945c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 4266
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Tue, 30 Nov 2021 05:49:00 GMT
Date: Tue, 28 Jun 2022 13:20:11 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
ETag: "3a6481f9ade5d71:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 20 KB
7 KB 45ms
18ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Jun 2022 13:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jaQOgzI9+ZkWZRPB/GIusQ==
age: 11389
vary: Accept-Encoding
content-length: 6921
x-ms-lease-status: unlocked
last-modified: Mon, 27 Jun 2022 19:28:39 GMT
server: cloudflare
etag: 0x8DA58733D263746
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f1210c6f-c01e-0026-4179-8a4352000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7226b7e4c94d714b-YUL

GET
H/1.1 200
OK %7B57c9aad4-aabf-4161-943b-819580c527ed%7D_querystring_parameters-01Aug2018.js Show response
img.en25.com/Web/SplunkInc/ 2 KB
1 KB 120ms
30ms Script
application/x-javascript 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/Web/SplunkInc/%7B57c9aad4-aabf-4161-943b-819580c527ed%7D_querystring_parameters-01Aug2018.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

18ebe9bdad62157aa065d81e1395ec746591382b6b663287974e552d46f63274

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 655
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Wed, 08 Aug 2018 11:38:55 GMT
Date: Tue, 28 Jun 2022 13:20:11 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
ETag: "743c8e63c2fd41:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H/1.1 200
OK %7B651b98aa-198d-4b05-a6ac-a0f2cdd19b08%7D_one_submit.js Show response
img.en25.com/Web/SplunkInc/ 2 KB
1 KB 120ms
30ms Script
application/x-javascript 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/Web/SplunkInc/%7B651b98aa-198d-4b05-a6ac-a0f2cdd19b08%7D_one_submit.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

ca39225d55fb1329f98236ee689af42d5c8f21258b7cfe73640c8f7c21220d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 922
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 28 Jan 2016 15:12:17 GMT
Date: Tue, 28 Jun 2022 13:20:11 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
ETag: "feab646de59d11:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/3.4.1/js/ 39 KB
12 KB 46ms
22ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://events.splunk.com/
Origin: https://events.splunk.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 1761
cdn-cachedat: 2021-06-08 14:33:24
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 054673e82fb08400b83b4b22925b200c
cf-ray: 7226b7e4c86a4bcb-YUL
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK %7B7e5de319-27af-485c-b0b0-c16cacbf63fa%7D_script-lp-2020_2_18_22.js Show response
img.en25.com/Web/SplunkInc/ 4 KB
2 KB 129ms
38ms Script
application/x-javascript 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/Web/SplunkInc/%7B7e5de319-27af-485c-b0b0-c16cacbf63fa%7D_script-lp-2020_2_18_22.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

7d5df92337c2a6e75e735fbc9a5a1c042f9e6c841b0dd5fb5d14921e9ae8d331

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 1082
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Sat, 19 Feb 2022 00:16:30 GMT
Date: Tue, 28 Jun 2022 13:20:11 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
ETag: "5dd4b0f12525d81:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H/1.1 200
OK %7B0522df68-c290-4b2e-9895-ccd3eb9d2fe7%7D_crs.min11-5-18build.js Show response
img.en25.com/Web/SplunkInc/ 68 KB
38 KB 120ms
24ms Script
application/x-javascript 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/Web/SplunkInc/%7B0522df68-c290-4b2e-9895-ccd3eb9d2fe7%7D_crs.min11-5-18build.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

ee1d06c504be0b79406c94743da4698838f25e51e068d0dceeecdc2a2e488c7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 37928
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Tue, 06 Nov 2018 05:27:50 GMT
Date: Tue, 28 Jun 2022 13:20:11 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
ETag: "cdb86759175d41:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H/1.1 200
OK livevalidation_standalone.compressed.js Show response
img.en25.com/i/ 13 KB
4 KB 126ms
25ms Script
application/x-javascript 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/livevalidation_standalone.compressed.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

36ef1cf6246ce3d596a572d7b0e947a7088eefb1af6373f1a0669c9189a6728e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 3717
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Wed, 08 Jun 2022 00:15:53 GMT
Date: Tue, 28 Jun 2022 13:20:11 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
ETag: "ededd2eacc7ad81:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 83 KB
32 KB 111ms
18ms Script
application/x-javascript 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: events.splunk.com
URL: https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.2.76 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1DD2) /
Resource Hash: 65dad26d197878fdddaaa0ab1990b6a0bc7f6853c6db2af3e1970ba6c2f5b2a8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:11 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 23:43:35 GMT
server: ECS (nyb/1DD2)
age: 57906
etag: "e76d1de5b87d81:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 32316

GET
H/1.1 200
OK %7B22418cbc-7d3c-4da2-bb52-d42bf515f4b3%7D_move-to-top.js Show response
img.en25.com/Web/SplunkInc/ 561 B
856 B 147ms
26ms Script
application/x-javascript 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/Web/SplunkInc/%7B22418cbc-7d3c-4da2-bb52-d42bf515f4b3%7D_move-to-top.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

209cdfebd5c4a80669ec8c8135abc7be73f3b79f651bd1ec8f4f42a40d56c757

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 259
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Mon, 11 Mar 2019 12:12:12 GMT
Date: Tue, 28 Jun 2022 13:20:11 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
ETag: "442dd5a83d8d41:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H/1.1 200
OK %7Bc2860ed1-6832-472d-a189-e585f719bd55%7D_lp-splunk-logo.png
img.en25.com/EloquaImages/clients/SplunkInc/ 2 KB
3 KB 33ms
32ms Image
image/png 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.en25.com/EloquaImages/clients/SplunkInc/%7Bc2860ed1-6832-472d-a189-e585f719bd55%7D_lp-splunk-logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

56b9ae4b38839806728d30132175df8c0165174bffd66d91b8f69925ef668ca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/png
Last-Modified: Tue, 14 Apr 2020 15:23:57 GMT
ETag: "7d733b77012d61:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Tue, 28 Jun 2022 13:20:11 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 2412
X-XSS-Protection: 1; mode=block
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H/1.1 200
OK %7B467b6802-ce77-4a92-aed8-3d9b3474d26a%7D_Arrow.png
img.en25.com/EloquaImages/clients/SplunkInc/ 2 KB
2 KB 40ms
39ms Image
image/png 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.en25.com/EloquaImages/clients/SplunkInc/%7B467b6802-ce77-4a92-aed8-3d9b3474d26a%7D_Arrow.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

0211cd110c45f7728d81032c691444f922b223042456c334e5edae5cbb6ebca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/png
Last-Modified: Mon, 04 Mar 2019 17:18:09 GMT
ETag: "f344563daed2d41:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Tue, 28 Jun 2022 13:20:11 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 1662
X-XSS-Protection: 1; mode=block
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H/1.1 200
OK %7B861070af-94c7-4953-92b9-d557bd96aab9%7D_FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822_244101_Patrick_Coughlin.png
img.en25.com/EloquaImages/clients/SplunkInc/ 45 KB
45 KB 40ms
38ms Image
image/png 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.en25.com/EloquaImages/clients/SplunkInc/%7B861070af-94c7-4953-92b9-d557bd96aab9%7D_FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822_244101_Patrick_Coughlin.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

4525ae0dc0135b041205b9680687c77e5ffde6e9519b8601b08ac4c2ef0a42d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/png
Last-Modified: Mon, 13 Jun 2022 23:38:15 GMT
ETag: "e5548a77e7fd81:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Tue, 28 Jun 2022 13:20:11 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 45720
X-XSS-Protection: 1; mode=block
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H/1.1 200
OK %7B8b47f1d4-e285-4440-a059-5435c5540eae%7D_FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822_244101_Michal_Hegstrom.png
img.en25.com/EloquaImages/clients/SplunkInc/ 38 KB
38 KB 41ms
38ms Image
image/png 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.en25.com/EloquaImages/clients/SplunkInc/%7B8b47f1d4-e285-4440-a059-5435c5540eae%7D_FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822_244101_Michal_Hegstrom.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

08901486318285d72520bbaa7694c2ac86a7ee9131968ac4226d90441fa16ced

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/png
Last-Modified: Mon, 13 Jun 2022 23:38:15 GMT
ETag: "afde40a77e7fd81:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Tue, 28 Jun 2022 13:20:11 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 38734
X-XSS-Protection: 1; mode=block
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H/1.1 200
OK %7Be9588963-1d22-435c-8dc1-9a133fb4fdce%7D_fb.png
img.en25.com/EloquaImages/clients/SplunkInc/ 238 B
774 B 54ms
52ms Image
image/png 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.en25.com/EloquaImages/clients/SplunkInc/%7Be9588963-1d22-435c-8dc1-9a133fb4fdce%7D_fb.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

54f746f34aede748df2339a8d8ead0b63c923c4556ca8c571d87f7e87bf79daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/png
Last-Modified: Fri, 01 May 2020 14:26:25 GMT
ETag: "99ab9b7ec41fd61:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Tue, 28 Jun 2022 13:20:11 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 238
X-XSS-Protection: 1; mode=block
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H/1.1 200
OK %7B60e51f68-a39f-4354-a788-b44f60d7fd39%7D_instagram.png
img.en25.com/EloquaImages/clients/SplunkInc/ 416 B
951 B 33ms
31ms Image
image/png 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.en25.com/EloquaImages/clients/SplunkInc/%7B60e51f68-a39f-4354-a788-b44f60d7fd39%7D_instagram.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

0cfb01c59089b6e8884979e7000714cca38deffa7ab26109c694a55ce73e44f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/png
Last-Modified: Mon, 18 May 2020 16:52:58 GMT
ETag: "67dd9c8342dd61:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Tue, 28 Jun 2022 13:20:11 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 416
X-XSS-Protection: 1; mode=block
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H/1.1 200
OK %7Be41b4de4-03a0-4aee-8617-6f9079f83190%7D_in.png
img.en25.com/EloquaImages/clients/SplunkInc/ 305 B
841 B 33ms
33ms Image
image/png 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.en25.com/EloquaImages/clients/SplunkInc/%7Be41b4de4-03a0-4aee-8617-6f9079f83190%7D_in.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

718101d7a02bf9d05e6607fdf87b99d90bc9193f97590ba69eab4ad87f8b2485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/png
Last-Modified: Fri, 01 May 2020 14:26:25 GMT
ETag: "99ab9b7ec41fd61:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Tue, 28 Jun 2022 13:20:11 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 305
X-XSS-Protection: 1; mode=block
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H/1.1 200
OK %7B22d85331-213f-4ed7-b4c8-cafe0b9bc236%7D_tw.png
img.en25.com/EloquaImages/clients/SplunkInc/ 315 B
851 B 30ms
30ms Image
image/png 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.en25.com/EloquaImages/clients/SplunkInc/%7B22d85331-213f-4ed7-b4c8-cafe0b9bc236%7D_tw.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

5ed5fcce46bb4fd8a28b61d36cf60873c102829299f6f5576d799e0366509716

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/png
Last-Modified: Fri, 01 May 2020 14:26:25 GMT
ETag: "99ab9b7ec41fd61:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Tue, 28 Jun 2022 13:20:11 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 315
X-XSS-Protection: 1; mode=block
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H/1.1 200
OK %7Bdf143b54-578b-4534-b8fa-2f9be627da3f%7D_yt.png
img.en25.com/EloquaImages/clients/SplunkInc/ 312 B
848 B 27ms
26ms Image
image/png 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.en25.com/EloquaImages/clients/SplunkInc/%7Bdf143b54-578b-4534-b8fa-2f9be627da3f%7D_yt.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

ea77ea1df7794b630ff8be882c7af3373b04182981955646f6842fbf6ee36d4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/png
Last-Modified: Fri, 01 May 2020 14:26:25 GMT
ETag: "99ab9b7ec41fd61:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Tue, 28 Jun 2022 13:20:11 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 312
X-XSS-Protection: 1; mode=block
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H/1.1 200
OK %7Bbe01ff5c-0d28-440b-90ce-8a51f1ee0a7c%7D_2019-Splunk-Corp-Logo-w-tag-101_W-Horizontal_1.png
img.en25.com/EloquaImages/clients/SplunkInc/ 3 KB
4 KB 43ms
42ms Image
image/png 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.en25.com/EloquaImages/clients/SplunkInc/%7Bbe01ff5c-0d28-440b-90ce-8a51f1ee0a7c%7D_2019-Splunk-Corp-Logo-w-tag-101_W-Horizontal_1.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

463b1656517135e0f8ebaa634113c71af5e16063afa0c2ec65542e57884d1d30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/png
Last-Modified: Fri, 06 Mar 2020 12:19:32 GMT
ETag: "a1a0fd7db1f3d51:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Tue, 28 Jun 2022 13:20:11 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 3491
X-XSS-Protection: 1; mode=block
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H/1.1

200
OK

tinydot.gif
s1528.t.eloqua.com/eloquaimages/
Redirect Chain

https://s1528.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=1528&PURLSiteID=4&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=9679&PURLRecordID=0&PURLGUID=B3B00AF4C25144AA885125C9FFF7E027&Use...
https://s1528.t.eloqua.com/eloquaimages/tinydot.gif

49 B
543 B

29ms
29ms

Image
image/gif

142.0.173.31
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1528.t.eloqua.com/eloquaimages/tinydot.gif

Requested by

Protocol

HTTP/1.1

Server

142.0.173.31 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/gif
Last-Modified: Wed, 22 Jun 2022 13:18:53 GMT
ETag: "3e207c9e3a86d81:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Tue, 28 Jun 2022 13:20:11 GMT
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-XSS-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Tue, 28 Jun 2022 13:20:11 GMT
X-Robots-Tag: noindex, nofollow
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: /eloquaimages/tinydot.gif
Cache-Control: no-store
Content-Type: text/html; charset=utf-8
Content-Length: 142
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 9ff638b7-8097-449d-9741-7b3c526b0da7.json Show response
cdn.cookielaw.org/consent/9ff638b7-8097-449d-9741-7b3c526b0da7/ 3 KB
2 KB 139ms
114ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/9ff638b7-8097-449d-9741-7b3c526b0da7/9ff638b7-8097-449d-9741-7b3c526b0da7.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a2de4125e63c0db3ebac9e9ec44092ac3a1fda1942dc370637a234775a374c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Jun 2022 13:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 1okM7ZzoEswIs0PBwY4sQQ==
vary: Accept-Encoding
content-length: 1368
x-ms-lease-status: unlocked
last-modified: Tue, 18 May 2021 21:25:04 GMT
server: cloudflare
etag: 0x8D91A43671CA02E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: fb593c5f-501e-00ab-3736-590ff4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7226b7e5ab827157-YUL
expires: Tue, 28 Jun 2022 17:20:11 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 500 KB
118 KB 167ms
99ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e8c41ec5e8e2e52b32736b40e4361cebaad6ade1d6c3cb5f8d6000d9535ac27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120032
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H/1.1 200
OK %7B50dc8502-34f4-406e-9c3c-b1eb4c17909a%7D_20-SPLK-Email_and_LP_Headers-gradient-TEMPLATE-113_1600x270-v2.jpg
img.en25.com/EloquaImages/clients/SplunkInc/ 68 KB
68 KB 44ms
43ms Image
image/jpeg 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.en25.com/EloquaImages/clients/SplunkInc/%7B50dc8502-34f4-406e-9c3c-b1eb4c17909a%7D_20-SPLK-Email_and_LP_Headers-gradient-TEMPLATE-113_1600x270-v2.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

ed7057bc83eaa1f5f069b71f61aa39b9643e7422fc27e4d2b3ab59e2d0585ef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/jpeg
Last-Modified: Mon, 01 Feb 2021 22:28:02 GMT
ETag: "c845a980e9f8d61:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Tue, 28 Jun 2022 13:20:11 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 69598
X-XSS-Protection: 1; mode=block
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H/1.1 200
OK %7B3e99c240-0bdd-4864-8e5a-c23a1d5f8b07%7D_splunk-circle.png
img.en25.com/EloquaImages/clients/SplunkInc/ 30 KB
31 KB 38ms
37ms Image
image/png 23.1.192.215
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.en25.com/EloquaImages/clients/SplunkInc/%7B3e99c240-0bdd-4864-8e5a-c23a1d5f8b07%7D_splunk-circle.png

Requested by

Host: img.en25.com
URL: https://img.en25.com/Web/SplunkInc/%7Bd8269de2-df43-45aa-8af4-fb6f7095cfd3%7D_style_lp_2022_final.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.1.192.215 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-192-215.deploy.static.akamaitechnologies.com

Software

Resource Hash

bca084b988b009db5b08cde39e59af5d14df63d377d3a3b71bd8c57943850d4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://img.en25.com/Web/SplunkInc/%7Bd8269de2-df43-45aa-8af4-fb6f7095cfd3%7D_style_lp_2022_final.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/png
Last-Modified: Tue, 14 Apr 2020 17:54:37 GMT
ETag: "87c5bc38512d61:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Tue, 28 Jun 2022 13:20:11 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 30696
X-XSS-Protection: 1; mode=block
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
DATA 200
OK truncated
/ 21 KB
21 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa6b8c0d433eb522e39d9a179e360a6eb5980c9f3addb3e80ad4fffee9e736b8

Request headers

Referer
Origin: https://events.splunk.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 20 KB
20 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81406743991f669003544635208cddc5ab38874529b1c425fb60ceb02e8f1218

Request headers

Referer
Origin: https://events.splunk.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 21 KB
21 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d707ba511936ff11eb80a227510ad8e82667fce06d11a9cdb0b1f00b56be0798

Request headers

Referer
Origin: https://events.splunk.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 119 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3abb9c51b30aa2f09fe1c74f5ae5dd176efb43bb451e67e34943e7e77f13e1ad

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 157 B
435 B 59ms
31ms XHR
application/json 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f05698200dfffa9a5a6c26b895ee141e438f5b6ebd132b5388329a47397b1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://events.splunk.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:11 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 7226b7e6a9ef4bca-YUL
access-control-allow-headers: Content-Type

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
304 B 22ms
22ms Image
image/gif 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=dabe8c07833d4031e5f2a2dc08e305e0&_biz_s=1e32a8&_biz_l=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&_biz_t=1656422411295&_biz_i=Sip%20%26%20SOAR%20to%20Risk-Based%20Alerting%20%7C%20Virtual%20Event%20%7C%20Splunk&_biz_n=0&rnd=829763&cdn_o=a&_biz_z=1656422411337
Requested by: Host: events.splunk.com
URL: https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.2.76 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D07) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 13:20:11 GMT
last-modified: Wed, 22 Jun 2022 12:13:07 GMT
server: ECS (nyb/1D07)
age: 522424
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
203 B 41ms
18ms Image
image/gif 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizibly.com/u?_biz_u=dabe8c07833d4031e5f2a2dc08e305e0&_biz_s=1e32a8&_biz_l=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&_biz_t=1656422411343&_biz_i=Sip%20%26%20SOAR%20to%20Risk-Based%20Alerting%20%7C%20Virtual%20Event%20%7C%20Splunk&rnd=912818&cdn_o=a&_biz_z=1656422411343
Requested by: Host: events.splunk.com
URL: https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.2.76 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D33) /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 13:20:11 GMT
last-modified: Sun, 26 Jun 2022 20:10:04 GMT
server: ECS (nyb/1D33)
age: 148207
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.18.0/ 377 KB
84 KB 22ms
20ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.18.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf8fce049c8e10f0a036f50f5eb7c8dde06dc5bee833635f9db82de6f51f2418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Jun 2022 13:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: cIchS4lr7UaDx9LQCq2apA==
age: 21827527
vary: Accept-Encoding
content-length: 85787
x-ms-lease-status: unlocked
last-modified: Mon, 24 May 2021 01:24:55 GMT
server: cloudflare
etag: 0x8D91E52BCFB1A90
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: cd51ec87-401e-0155-2c6c-c475c4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7226b7e71d03714b-YUL

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
69 KB 52ms
51ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8Q6D4RLYQL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21e3a256075791af0bc34fd4cc55ec1209c0c159d68a3b1c5b9a150d5d78a4df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70171
x-xss-protection: 0
expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
19ms Script
text/javascript 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2180
date: Tue, 28 Jun 2022 12:43:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 28 Jun 2022 14:43:51 GMT

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 116 B
523 B 49ms
48ms Script
text/javascript 152.199.2.76
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/xdc.js?_biz_u=dabe8c07833d4031e5f2a2dc08e305e0&_biz_h=-1906410348&cdn_o=a&jsVer=4.22.05.27
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.2.76 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D31) /
Resource Hash: c9e5b66a3170f61b799e7154192102daf1b785d3bbf523f8cc97d4e0e967c778

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:11 GMT
content-encoding: gzip
server: ECS (nyb/1D31)
etag: 1F061A79
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: private, must-revalidate, max-age=21600
content-type: text/javascript; charset=utf-8
content-length: 217

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 49ms
48ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-8Q6D4RLYQL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c18c407d87bbb439f03abe658c52c54420e1ddb231651589bbb5c4e1e88a0040

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70557
x-xss-protection: 0
expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/9ff638b7-8097-449d-9741-7b3c526b0da7/d06ce3e2-19d4-4001-a867-289fec4068d8/ 71 KB
14 KB 104ms
104ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/9ff638b7-8097-449d-9741-7b3c526b0da7/d06ce3e2-19d4-4001-a867-289fec4068d8/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.18.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52bb6e8d120c194fb3c184f9af610501526c368c6fc4224916eae858f12bc77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Jun 2022 13:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: l8lF6Z9Y6BID7iYM3kTxkw==
vary: Accept-Encoding
content-length: 14351
x-ms-lease-status: unlocked
last-modified: Tue, 18 May 2021 21:25:10 GMT
server: cloudflare
etag: 0x8D91A436A98F9F8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 656f69be-101e-014d-0932-5a5851000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7226b7e78dd67157-YUL
expires: Tue, 28 Jun 2022 17:20:11 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 60ms
19ms Script
text/javascript 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 12:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3101
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 28 Jun 2022 13:28:30 GMT

GET
H2 200 collect Show response
sgtm.splunk.com/g/ 65 B
245 B 231ms
130ms XHR
text/plain 2600:1901:0:a57b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sgtm.splunk.com/g/collect?v=2&tid=G-8Q6D4RLYQL&gtm=2oe6m0&_p=1856614730&_z=ccd.v9B&cid=1544350318.1656422411&ul=en-us&sr=1600x1200&_fplc=0&_s=1&sid=1656422411&sct=1&seg=0&dl=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&dt=Sip%20%26%20SOAR%20to%20Risk-Based%20Alerting%20%7C%20Virtual%20Event%20%7C%20Splunk&en=page_view&_fv=1&_ss=1&ep.cookieDomain=auto&ep.allowLinker=true&ep.page=%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&ep.gtm_tag_name=sGTM%20GA4%20-%20Page%20View&ep.event_id=1864551930-13&up.4=1656422411399.7kf7ak4q&up.5=2022-06-28T13%3A20%3A11.399%2B00%3A00&up.16=1656422411399.dcf7f8f1-8dd4-4893-83ca-6a73ffce5300&up.24=GA%20-%20Pageview&up.25=dabe8c07833d4031e5f2a2dc08e305e0&up.32=0.35758165894035754_1656422411400&up.35=35&richsstsse

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:a57b:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:11 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Google Frontend
content-type: text/plain
access-control-allow-origin: https://events.splunk.com
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-accel-buffering: no

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.18.0/assets/ 12 KB
3 KB 107ms
107ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.18.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.18.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 28 Jun 2022 13:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: MrQfM8mTXwqoZ1+V6sXNuw==
vary: Accept-Encoding
content-length: 2938
x-ms-lease-status: unlocked
last-modified: Mon, 24 May 2021 01:24:48 GMT
server: cloudflare
etag: 0x8D91E52B88C8775
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 141518a6-f01e-0025-647f-584055000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7226b7e84ecd7157-YUL

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
69 KB 49ms
49ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5EPM2P39FV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f7e154777ca21b7dd4b42b282f0424e41b0a73cd9bca1f3f52131435abb7e993

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70287
x-xss-protection: 0
expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 93ms
20ms Script
application/x-javascript 2600:141b:13::17d7:82d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82d1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 13:20:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=14987
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 87ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7E71B21AA2364576A583E12C41D11330 Ref B: YTO01EDGE0417 Ref C: 2022-06-28T13:20:11Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 28 Jun 2022 13:20:11 GMT
accept-ranges: bytes
content-length: 11360

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1341559/ 55 KB
17 KB 49ms
14ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1341559/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f32bd5c659b9df6f38188fd107ea815e21ce95e1fa4609aa84d70b359628c10

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: as72UqNRfIieOG4EEyRO68peVC9ysOUb
content-encoding: gzip
etag: "7e2117dbe08a4d8261589eb1432a2003"
age: 20133
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 17381
x-amz-id-2: 2vnCqZQUFDNbfI5CM7WjNMSgHsI811OCP/dLKzFy0Ql0pRmLZY2jvxe11ja4PI8l7dBhw9CgP0E=
x-served-by: cache-yul12830-YUL
last-modified: Sun, 26 Jun 2022 11:01:48 GMT
server: AmazonS3
x-timer: S1656422412.613418,VS0,VE0
date: Tue, 28 Jun 2022 13:20:11 GMT
vary: Accept-Encoding
x-amz-request-id: 30H0W5DE72DM9VDR
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 63
x-cache-hits: 12

GET
H2 200 b05765359b5ba.js Show response
t.contentsquare.net/uxa/ 316 KB
71 KB 453ms
140ms Script
application/javascript 99.84.31.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.contentsquare.net/uxa/b05765359b5ba.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.31.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-31-73.gig51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92b770fff5ec965d8383a31102fb80865d50fa4c47ae4eeccb7c5d647c011547

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 28 Jun 2022 12:39:24 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 12:36:48 GMT
server: AmazonS3
age: 2448
etag: "f1a3312d121f3b4382fb5b22e1f0ffa6"
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
via: 1.1 ee70312564b1ccd144e6421d6ed89810.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: GIG51-C2
accept-ranges: bytes
content-length: 72152
x-amz-cf-id: _qSXk-8MfjwYyp-61qyqoTa11wJvc4OKaPv_AqHFUyN-6roUkY2uiA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 67ms
18ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: cMsHtCedPsDX/MRXCXemc8a5jcyG7aMtr69TVbbn7yAl80QsmLEJxIlC4SglYsGSiRM5MvIe9JwS9xzkmS6U0Q==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 28 Jun 2022 13:20:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 451ms
137ms Script
application/x-javascript 99.84.22.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.22.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-22-46.gig51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 06:12:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 25691
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 7fa7f57fe2ecb4a33094f4b161ed1fde.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: GIG51-C2
X-Amz-Cf-Id: MafKa25QrLE69QxU-8iwfqAd4lbYSvLInj4L98BcyZgaWLecPuGLUA==

GET
H2 200 cs.js Show response
tm.vendemore.com/cs/32fde63c-3af6-4cd0-a131-51e4701d5575/v2/ 408 B
548 B 372ms
100ms Script
application/javascript 3.121.48.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tm.vendemore.com/cs/32fde63c-3af6-4cd0-a131-51e4701d5575/v2/cs.js?c=1656422411585

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.121.48.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-48-255.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6bd6f89b1e7f7eef3650d12eb6b8b0b9a839034f1917cccfafb5d22f549d5529

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Tue, 28 Jun 2022 13:20:11 GMT
vary: Accept-Encoding
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-headers: Authorization, Content-Type, username, password

GET
H/1.1 200
OK lp.js Show response
metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/ 6 KB
6 KB 111ms
26ms Script
application/x-javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/lp.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

da5d487f1fe8c4f5bba93bab0b071aed1249cf770ffdbc0144a86a4c2bae3c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 13:20:11 GMT
Connection: Keep-Alive
Last-Modified: Fri, 10 Dec 2021 19:19:18 GMT
x-amz-request-id: tx000000000000127df7988-0062ba312d-2768dd76-sfo2a
etag: "b407e44b8c40c183ae2c50df3bbcf151"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1656422411.dop056.dc2.t,1656422411.cds171.dc2.shn,1656422411.dop056.dc2.t,1656422411.cds041.dc2.c
Content-Type: application/x-javascript
Cache-Control: max-age=551842
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 5673

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 31 KB
10 KB 74ms
20ms Script
application/javascript 23.1.193.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.1.193.196 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-193-196.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

8e038b564510a45dc11799f74da367733f3db7f9c0a0434f1e90c44ec5168278

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 13:20:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 9715
Pragma: no-cache
Last-Modified: Thu, 05 May 2022 03:45:17 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6273484d-7b02"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H2 200 rz5la3FlMSNo3OYdIkfj Show response
ws.zoominfo.com/pixel/ 2 KB
1 KB 135ms
93ms Script
text/javascript 2606:4700::6810:650c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/rz5la3FlMSNo3OYdIkfj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

95d1557e564c3969792919d877218bf060d68f01f298d747be0ed04155d44050

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7226b7e8eabb7148-YUL
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
via: 1.1 google

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 8 KB
4 KB 95ms
43ms Script
application/x-javascript 23.208.217.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: events.splunk.com
URL: https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.208.217.104 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-208-217-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 13:20:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Jun 2022 14:06:31 GMT
Server: AkamaiNetStorage
ETag: "51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3249
Expires: Tue, 28 Jun 2022 13:40:11 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 194 KB
69 KB 60ms
60ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-5EPM2P39FV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cc1f659daf63461436e403716d5e33a4afa5ad5f4f19826049343c74e1e8d01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70679
x-xss-protection: 0
expires: Tue, 28 Jun 2022 13:20:11 GMT

POST
H2 200 collect
sgtm.splunk.com/ 35 B
279 B 85ms
81ms Ping
image/gif 2600:1901:0:a57b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sgtm.splunk.com/collect
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a57b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://events.splunk.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 13:20:11 GMT
via: 1.1 google
server: Google Frontend
content-type: image/gif
access-control-allow-origin: https://events.splunk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 93ms
31ms XHR
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-399680-35&cid=1544350318.1656422411&jid=1610079457&gjid=236495000&_gid=400837711.1656422411&_u=aHBAiUAjBAAAAE~&z=81767338

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://events.splunk.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 28 Jun 2022 13:20:11 GMT
content-type: text/plain
access-control-allow-origin: https://events.splunk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 34ms
33ms Ping
image/gif 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://events.splunk.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 13:20:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://events.splunk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 86ms
31ms XHR
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-399680-1&cid=1544350318.1656422411&jid=71447639&gjid=954766895&_gid=400837711.1656422411&_u=aHDAiUAjBAAAAE~&z=1317870564

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://events.splunk.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 28 Jun 2022 13:20:11 GMT
content-type: text/plain
access-control-allow-origin: https://events.splunk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1341559/trc/3/ 2 KB
2 KB 55ms
46ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1341559/trc/3/json?tim=1656422411629&data=%7B%22id%22%3A338%2C%22ii%22%3A%22%2Fsip-soar-to-risk-based-alerting%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1656422411624%2C%22cv%22%3A%2220220626-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dsplunk-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1656422411629%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A37%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1341559/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: af46c4623817a695dccc34bad3dd0e49593e1d154ccb085b823f07e99637f9e8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms: 32
date: Tue, 28 Jun 2022 13:20:11 GMT
content-encoding: gzip
server: nginx
x-timer: S1656422412.672961,VS0,VE32
x-served-by: cache-yul12830-YUL
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

POST
H2 204 collect
analytics.google.com/g/ 0
348 B 122ms
33ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-5EPM2P39FV&gtm=2oe6m0&_p=1856614730&_z=ccd.v9B&_gaz=1&cid=1544350318.1656422411&ul=en-us&sr=1600x1200&_s=1&sid=1656422411&sct=1&seg=0&dl=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&dt=Sip%20%26%20SOAR%20to%20Risk-Based%20Alerting%20%7C%20Virtual%20Event%20%7C%20Splunk&en=page_view&_fv=1&_ss=1&ep.cookieDomain=auto&ep.allowLinker=true&ep.page=%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&up.3=1544350318.1656422411&up.4=1656422411563.lst8vxck&up.5=2022-06-28T13%3A20%3A11.563%2B00%3A00&up.16=1656422411563.75545f8e-a428-4c8f-ab8f-d038a8907a67&up.24=GA4%20-%20Pageview&up.25=dabe8c07833d4031e5f2a2dc08e305e0&up.32=0.35758165894035754_1656422411400&up.35=35
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5EPM2P39FV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 13:20:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://events.splunk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 106ms
33ms Ping
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5EPM2P39FV&cid=1544350318.1656422411&gtm=2oe6m0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5EPM2P39FV&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 13:20:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://events.splunk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 118ms
37ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5EPM2P39FV&cid=1544350318.1656422411&gtm=2oe6m0&aip=1&z=261284375

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 13:20:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 84ms
36ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-399680-1&cid=1544350318.1656422411&jid=71447639&_u=aHDAiUAjBAAAAE~&z=1593877586

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 13:20:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 71ms
40ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-399680-1&cid=1544350318.1656422411&jid=71447639&_u=aHDAiUAjBAAAAE~&z=1593877586

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 13:20:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1642523699107798 Show response
connect.facebook.net/signals/config/ 288 KB
83 KB 39ms
18ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1642523699107798?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5305a0da6cfa332362896497fa5996cb6e1497920d70f915eca7ac9fd337371d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84807
x-xss-protection: 0
pragma: public
x-fb-debug: sApP8lH7pjmbiwhxgbDWp06CusP4/jozV6pm3rNKs86Cv5LUPAKQ7f4xXP+xzxg81qLS9XjpW2enRoTt70fJoA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 28 Jun 2022 13:20:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

/
p.adsymptotic.com/d/px/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1656422411792&url=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOA...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1656422411792&url=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOA...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D66727%26time%3D1656422411792%26url%3Dhttps%253A%252F%252Fevents.splunk.com%252FSi...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1656422411792&url=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOA...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1656422411792&url=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SO...
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=ff200631-5f9e-457e-a440-85038418e27c
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=ff200631-5f9e-457e-a440-85038418e27c&_expected_cookie=43219dd62c7a7f908207b4b0...

43 B
142 B

56ms
54ms

Image
image/gif

104.18.100.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=ff200631-5f9e-457e-a440-85038418e27c&_expected_cookie=43219dd62c7a7f908207b4b011893c88
Requested by: Host: events.splunk.com
URL: https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Protocol: H2
Server: 104.18.100.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 7226b7ed9f71a235-YYZ
p3p: CP='NON DSP COR CONi OUR BUS CNT'
content-type: image/gif
content-length: 43

Redirect headers

location: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=ff200631-5f9e-457e-a440-85038418e27c&_expected_cookie=43219dd62c7a7f908207b4b011893c88
date: Tue, 28 Jun 2022 13:20:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7226b7ed3ed5a235-YYZ
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
705 B 110ms
71ms XHR
application/json 68.67.161.210
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.161.210 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

805.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Jun 2022 13:20:11 GMT
X-Proxy-Origin: 149.56.153.189; 149.56.153.189; 805.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2854ec9e-8cff-4d19-a00e-e0f7124b39a7
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://events.splunk.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
373 B 67ms
17ms XHR
text/plain 23.1.193.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.1.193.196 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-1-193-196.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7bf37222c7bd35ac66f914406099505059aa336165e3c9b942f78dcc2feaf4a1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 13:20:11 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://events.splunk.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

GET
H2 200 / Show response
ipv6.6sc.co/ 20 B
256 B 87ms
23ms XHR
text/html 2600:141b:13:7a7::1c91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13:7a7::1c91 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a4f562534e62ae4287bbb482954c259b1089bba05611d0bbb06d48811c9125b1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 13:20:11 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://events.splunk.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2607:5300:60:7867::3
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 20
expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H2 200 5962822.js Show response
bat.bing.com/p/action/ 218 B
493 B 33ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5962822.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

eee1f9319b7241c317e703f6426889caf67614d4cc98ad8b79b9ac5dba005890

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2512E419745047CD934052956D080919 Ref B: YTO01EDGE0417 Ref C: 2022-06-28T13:20:11Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
date: Tue, 28 Jun 2022 13:20:11 GMT
content-length: 299

GET
H2 204 0
bat.bing.com/action/ 0
176 B 44ms
44ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5962822&tm=gtm002&Ver=2&mid=e5441cdd-ff15-44a8-b46d-6f0b7414042d&sid=0a0b4ee0f6e511ecbaa5dd0c809d8c45&vid=0a0b6ff0f6e511ecb12a87ae5b605010&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sip%20%26%20SOAR%20to%20Risk-Based%20Alerting%20%7C%20Virtual%20Event%20%7C%20Splunk&p=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&r=&lt=3806&evt=pageLoad&msclkid=N&sv=1&rn=981024

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DAA1DEFA09BA4C4094C7C0A5B677959B Ref B: YTO01EDGE0417 Ref C: 2022-06-28T13:20:11Z
date: Tue, 28 Jun 2022 13:20:11 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 102ms
20ms Script
application/javascript 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00d61f3947fbcca6a300f9bcb5900fda25
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 13:20:11 GMT
content-encoding: gzip
X-TraceId: d13226124abd09e1dcf60e89f2731597
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 94ms
19ms Image
image/gif 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00d61f3947fbcca6a300f9bcb5900fda25&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&optOut=false&bust=020592455945803123&referrer=
Requested by: Host: events.splunk.com
URL: https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 13:20:11 GMT
Cache-Control: no-cache
X-TraceId: 01bce12a1561ee073a37c1e4985eb895
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 11ms
10ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1341559/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: Q93sCEWoqxiO0LdTLulEOAOmIgRcHF1L
content-encoding: gzip
etag: "8cbcf8a5c724c32aa9be09d14a4c624d"
age: 2650
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 923
x-amz-id-2: 0dUPbOT4lmNX0r66NY/L6ym5NDP7CE1NUEJXfo/BuwuncSXz8dn62BwSsxT8ueb70dwAAESnj0U=
x-served-by: cache-yul12830-YUL
last-modified: Tue, 05 Apr 2022 10:34:30 GMT
server: AmazonS3
x-timer: S1656422412.824340,VS0,VE0
date: Tue, 28 Jun 2022 13:20:11 GMT
vary: Accept-Encoding
x-amz-request-id: XWBGF6WMZZ7MSSXH
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 30
x-cache-hits: 10228

GET
H2 200 / Show response
pips.taboola.com/ 64 B
242 B 40ms
14ms XHR
text/plain 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 928abacd2ab4460beee94cec0a465355a04c546c1dc7f205347aa322d5ee1e3e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:11 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-yul12825-YUL
access-control-allow-methods: GET
access-control-allow-origin: https://events.splunk.com
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 57ms
18ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1642523699107798&ev=PageView&dl=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&rl=&if=false&ts=1656422411853&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1656422411851.203147942&it=1656422411757&coo=false&eid=1864551930-22&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 28 Jun 2022 13:20:11 GMT

GET
H2 200 5962822 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 336ms
132ms Script
application/x-javascript 2620:1ec:27::cafe:1822
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5962822
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/5962822.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1822 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 9ec10171321f7c5a2a1a015667e6b74cca6395159ae88b98d747c3083d9fc681

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:11 GMT
x-powered-by: ASP.NET
x-azure-ref: 0DAC7YgAAAAA9W6bbq6qmRYOhr2F/9WXAUEhYMzFFREdFMDExMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
content-length: 1542
expires: -1

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 70ms
19ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=f15ef3f8-b5b8-493d-8de6-f5fe80a43a64-tuct9b4858b&uad=a4f562534e62ae4287bbb482954c259b1089bba05611d0bbb06d48811c9125b1
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 28 Jun 2022 13:20:11 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 137ms
89ms Image
image/gif 23.1.193.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=cf3a22175b2200000b00bb6285020000a024af00&session=9c212f85-f0ad-4da2-86b5-cff35dd5ec8b&event=ipv6&q=%7B%22address%22%3A%222607%3A5300%3A60%3A7867%3A%3A3%22%7D&isIframe=false&m=%7B%22description%22%3A%22Historically%2C%20Security%20Operations%20Centers%20have%20been%20noisy%20places.%20Teams%20have%20worked%20endlessly%20to%20craft%20the%20%E2%80%98perfect%E2%80%99%20correlation%20search%2C%20to%20no%20avail.%20As%20the%20volume%20of%20security%20alerts%20continued%20to%20grow%2C%20it%20has%20put%20a%20disproportionate%20amount%20of%20the%20workload%20on%20analysts%2C%20as%20their%20primary%20job%20function%20became%20triage%20related%20activities.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sip%20%26amp%3B%20SOAR%20to%20Risk-Based%20Alerting%20%7C%20Virtual%20Event%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&pageViewId=5d945ac6-26c0-4d23-8d67-13596c251e5f

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.1.193.196 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-193-196.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 13:20:12 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 89ms
52ms Image
image/gif 23.1.193.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=cf3a22175b2200000b00bb6285020000a024af00&session=9c212f85-f0ad-4da2-86b5-cff35dd5ec8b&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Tue%2C%2028%20Jun%202022%2013%3A20%3A11%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Historically%2C%20Security%20Operations%20Centers%20have%20been%20noisy%20places.%20Teams%20have%20worked%20endlessly%20to%20craft%20the%20%E2%80%98perfect%E2%80%99%20correlation%20search%2C%20to%20no%20avail.%20As%20the%20volume%20of%20security%20alerts%20continued%20to%20grow%2C%20it%20has%20put%20a%20disproportionate%20amount%20of%20the%20workload%20on%20analysts%2C%20as%20their%20primary%20job%20function%20became%20triage%20related%20activities.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sip%20%26amp%3B%20SOAR%20to%20Risk-Based%20Alerting%20%7C%20Virtual%20Event%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&pageViewId=5d945ac6-26c0-4d23-8d67-13596c251e5f&an_uid=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.1.193.196 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-193-196.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 13:20:11 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK analytics-an-min.js Show response
d2hya7iqhf5w3h.cloudfront.net/scripts/ 4 KB
5 KB 276ms
85ms Script
application/javascript 99.84.194.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2hya7iqhf5w3h.cloudfront.net/scripts/analytics-an-min.js
Requested by: Host: tm.vendemore.com
URL: https://tm.vendemore.com/cs/32fde63c-3af6-4cd0-a131-51e4701d5575/v2/cs.js?c=1656422411585
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.194.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-194-217.lax3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 856480dfbd572e8e51fd582b4744916dc6708b2cf12eb311d749f0dc16250410

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 06:44:47 GMT
Via: 1.1 a881cb8cde2d5f28c5d1e3662b510ada.cloudfront.net (CloudFront)
Last-Modified: Wed, 05 May 2021 13:48:14 GMT
Server: AmazonS3
Age: 23726
ETag: "e2295ad89bc05d51307a0a73d8f7aa14"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: LAX3-C3
Accept-Ranges: bytes
Content-Length: 4603
X-Amz-Cf-Id: 2BSsBHo2zKpqzZZvlN_0kevhWJ1IpRhSGUIcpiS7IPGAqyjV1aUkdA==

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-d/s/0.6.34/ 53 KB
23 KB 136ms
136ms Script
application/javascript 2620:1ec:27::cafe:1822
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-d/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5962822
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1822 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:12 GMT
content-encoding: br
etag: "1d886f4c739ba54"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0DAC7YgAAAADSCRLWsOxcRZ6+jnCVx5JDUEhYMzFFREdFMDExMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
content-length: 23150
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 204 pageview
c.contentsquare.net/ 0
319 B 90ms
24ms Image
text/plain 18.210.134.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/pageview?pid=2961&uu=fcec8a7e-6347-a68d-821c-40826cedad8b&sn=1&lv=1656422412&lhd=1656422412&hd=1656422412&pn=1&dw=1600&dh=3164&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&uc=0&la=en-US&v=11.27.2&r=316320
Requested by: Host: events.splunk.com
URL: https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.134.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-134-214.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 13:20:12 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
BLOB 200
OK 3e494fec-3644-456c-90ed-2206e44be4f3
https://events.splunk.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://events.splunk.com/3e494fec-3644-456c-90ed-2206e44be4f3
Requested by: Host: events.splunk.com
URL: https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5edfbb0e96c6e82d39a49c2bef3f1e998df5d53f8145315a87bdb4bbdd6fa0d2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 6483
Content-Type: application/javascript

GET
H2 204 dvar
c.contentsquare.net/ 0
320 B 69ms
23ms Image
text/plain 18.210.134.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.contentsquare.net/dvar?v=11.27.2&pid=2961&uu=fcec8a7e-6347-a68d-821c-40826cedad8b&sn=1&pn=1&dv=N4IgxgzgsghgLmAFgSwHYHMDSBTAniALhAAYA6AZgFYB2SgDgEYA2egTgBZirb2B9Zyk3YAmYewYNOxEABoQUbABNkAVwC2hENjUxkAG1kgAygHsVAJzDZNEAA56VqANaGAwjDW3d6VJoBmuMLkAI7CvH5qarwe2Oa8AO4ARnEQ2GC82Ki8EMi22SYwceaJMLzE1MJ0oiAAvkAAA&r=676164
Requested by: Host: events.splunk.com
URL: https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.134.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-134-214.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 13:20:12 GMT
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition: inline
timing-allow-origin: *
access-control-allow-headers: Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires: Sun, 24 Oct 1982 23:00:00 GMT

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
705 B 82ms
42ms XHR
application/json 68.67.179.135
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Jun 2022 13:20:12 GMT
X-Proxy-Origin: 149.56.153.189; 149.56.153.189; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 52e781d1-f384-4326-8923-a83c75228c7c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://events.splunk.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 38ms
18ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1642523699107798&ev=Microdata&dl=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&rl=&if=false&ts=1656422412384&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sip%20%26%20SOAR%20to%20Risk-Based%20Alerting%20%7C%20Virtual%20Event%20%7C%20Splunk%22%2C%22meta%3Adescription%22%3A%22Historically%2C%20Security%20Operations%20Centers%20have%20been%20noisy%20places.%20Teams%20have%20worked%20endlessly%20to%20craft%20the%20%E2%80%98perfect%E2%80%99%20correlation%20search%2C%20to%20no%20avail.%20As%20the%20volume%20of%20security%20alerts%20continued%20to%20grow%2C%20it%20has%20put%20a%20disproportionate%20amount%20of%20the%20workload%20on%20analysts%2C%20as%20their%20primary%20job%20function%20became%20triage%20related%20activities.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Sip%20%26%20SOAR%20to%20Risk-Based%20Alerting%20%7C%20Virtual%20Event%20%7C%20Splunk%22%2C%22og%3Adescription%22%3A%22Historically%2C%20Security%20Operations%20Centers%20have%20been%20noisy%20places.%20Teams%20have%20worked%20endlessly%20to%20craft%20the%20%E2%80%98perfect%E2%80%99%20correlation%20search%2C%20to%20no%20avail.%20As%20the%20volume%20of%20security%20alerts%20continued%20to%20grow%2C%20it%20has%20put%20a%20disproportionate%20amount%20of%20the%20workload%20on%20analysts%2C%20as%20their%20primary%20job%20function%20became%20triage%20related%20activities.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fimg.en25.com%2FEloquaImages%2Fclients%2FSplunkInc%2F%257B613a05c5-c127-4dc9-8ea2-b3f8666738cc%257D_FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822_244101_Banner-3.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=30&fbp=fb.1.1656422411851.203147942&it=1656422411757&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Tue, 28 Jun 2022 13:20:12 GMT

GET
H2 200 visit Show response
analytics.vendemore.com/ 33 B
382 B 120ms
100ms XHR
text/plain 3.121.48.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.vendemore.com/visit?vlmref=&vaid=&url=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&title=Sip%20%26%20SOAR%20to%20Risk-Based%20Alerting%20%7C%20Virtual%20Event%20%7C%20Splunk&path=%2FSip-SOAR-to-Risk-Based-Alerting&domain=events.splunk.com&referrer=

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.121.48.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-48-255.eu-central-1.compute.amazonaws.com

Software

Resource Hash

caa7d2cbd0daf9252bea36e5aa524c4afa70612dbb320870b45f7412e6a8849a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:12 GMT
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://events.splunk.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-headers: Content-Type
content-length: 33

POST
H2 204 collect Show response
j.clarity.ms/ 0
177 B 209ms
128ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://events.splunk.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://events.splunk.com
date: Tue, 28 Jun 2022 13:20:12 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 3F0C 0
182 B 81ms
24ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=65d5w9m&ref=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&upid=zfbopfz&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://events.splunk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Tue, 28 Jun 2022 13:20:12 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3221953A695148E9AD076E17D7C03A13&RedC=c.clarity.ms&MXFR=3D4137B8C5706077337F2669C1706ECE
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3221953A695148E9AD076E17D7C03A13&MUID=0CF0F803E2516D3B3FA9E9D2E37B6C57

42 B
441 B

30ms
30ms

Image
image/gif

20.110.81.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3221953A695148E9AD076E17D7C03A13&MUID=0CF0F803E2516D3B3FA9E9D2E37B6C57
Protocol: H2
Server: 20.110.81.91 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 13:20:12 GMT
last-modified: Wed, 06 Apr 2022 19:10:39 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "77ff271ea49d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 28 Jun 2022 13:20:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D26C4E1733A04837B37AD8BB8A5DFC97 Ref B: YTO01EDGE0417 Ref C: 2022-06-28T13:20:12Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3221953A695148E9AD076E17D7C03A13&MUID=0CF0F803E2516D3B3FA9E9D2E37B6C57
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame 4735
Redirect Chain

https://insight.adsrvr.org/track/up?adv=t0q4wl6&ref=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR...
https://match.adsrvr.org/track/upb/?adv=t0q4wl6&ref=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR...

953 B
1 KB

28ms
25ms

Document
text/html

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=t0q4wl6&ref=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&upid=afx4zne&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: fa36a299aef1370fe42fd7ef5ec17d210655a163706a59441aaa1b5ccd214d5c

Request headers

Referer: https://events.splunk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Tue, 28 Jun 2022 13:20:12 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Tue, 28 Jun 2022 13:20:12 GMT
location: https://match.adsrvr.org/track/upb/?adv=t0q4wl6&ref=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&upid=afx4zne&upv=1.1.0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 analytics.bundle.js Show response
v2.listenloop.com/ 97 KB
33 KB 73ms
31ms Script
application/javascript 2606:4700:3035::6815:4687
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.listenloop.com/analytics.bundle.js
Requested by: Host: events.splunk.com
URL: https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4687 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199b59f8a3e2e20ac1e1e8cd01059b415b02ef8e4dc865d32d901b81ead11529

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5461
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: JQCY5K0CF5346X1J
x-amz-id-2: 3rdJthTJHzVKZDpTCYQ8JOvsdiaqjKi9dO0Kk/asL6t/C08biKX4IOPI33aTgonHqay2/+dmdTA=
last-modified: Mon, 20 Jun 2022 10:05:02 GMT
server: cloudflare
etag: W/"15001577d39805dc9fc7ea40eed06ff3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5bkUjfjpkdLt1ge8SsFRCbIae%2BBfHKWpkKzrmChGrGgdi6qnd7UJnUSwG4cJSsqbsNZOSMZBZl0eoJlkGtsT8d6g4PCzo0uhYZo60KLaWZfc49pNuww0pFNmW5V5K0ueUVaPMRmflqUPPi3gIdeBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 7226b7ee588becfa-YUL

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 242 KB
62 KB 44ms
11ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: events.splunk.com
URL: https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: fee059163516f87977f291f488826fe8f97b5865a1b40f4119b943a884a3abdb

Request headers

Referer: https://events.splunk.com/
Origin: https://events.splunk.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 12:26:08 GMT
content-encoding: br
age: 3244
x-guploader-uploadid: ADPycdusLGB5xZH8HPL_zepmPl3lrjADW2OAmKMQrHGyiV1nTz9wWgJImtD9bAzP5xQRK8rklZGvTH1iKxNVraSwzYYkmw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62689
last-modified: Tue, 14 Jun 2022 13:47:35 GMT
server: UploadServer
etag: "58807cfecad85abbba7b673538b5fc32"
vary: Accept-Encoding
x-goog-hash: crc32c=JC9AAw==, md5=WIB8/srYWru6e2c1OLX8Mg==
x-goog-generation: 1655214455844030
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 62689
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 28 Jun 2022 13:26:08 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 5 KB
2 KB 387ms
360ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 0e7833650725133a9fd5e92a8682748f32fe9e93fd5d6adcd08a7f25003771e3

Request headers

Referer: https://events.splunk.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Jun 2022 13:20:12 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: https://events.splunk.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1690
via: 1.1 google

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 4735 487 B
964 B 137ms
137ms Script
application/x-javascript 99.84.22.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=t0q4wl6&ref=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&upid=afx4zne&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.22.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-22-46.gig51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://match.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 07:24:45 GMT
Via: 1.1 7fa7f57fe2ecb4a33094f4b161ed1fde.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
Age: 21333
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: GIG51-C2
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: 9VVgr5hRukKABSmELI41jW84jtuQJcmvyeDBTsDyMG7kh1T3Ery6WQ==

GET
H2

200

google Show response
match.adsrvr.org/track/cmf/ Frame A014
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZWI4YzA4NWUtZGQwMy00ZWRhLTkxNTgtMTI5YzI3NTY1NzEx&gdpr=0&gdpr_consent=&ttd_tdid=eb8c085e-dd03-4eda-9158-129c2...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=ZWI4YzA4NWUtZGQwMy00ZWRhLTkxNTgtMTI5YzI3NTY1NzEx&gdpr=0&gdpr_consent=&ttd_tdid=eb8c085e-dd03-4eda-9158-129...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=eb8c085e-dd03-4eda-9158-129c27565711&google_gid=CAESEKIBDwWDDbQwPzUWI0s91Xk&google_cver=1

70 B
586 B

25ms
24ms

Document
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=eb8c085e-dd03-4eda-9158-129c27565711&google_gid=CAESEKIBDwWDDbQwPzUWI0s91Xk&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Tue, 28 Jun 2022 13:20:12 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 13:20:12 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=eb8c085e-dd03-4eda-9158-129c27565711&google_gid=CAESEKIBDwWDDbQwPzUWI0s91Xk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2

200

appnexus Show response
match.adsrvr.org/track/cmf/ Frame D6AD
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=eb8c085e-dd03-4eda-9158-129c27565711
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Deb8c085e-dd03-4eda-9158-129c27565711
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=2183682153966211275&ttd_tdid=eb8c085e-dd03-4eda-9158-129c27565711

70 B
586 B

25ms
24ms

Document
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=2183682153966211275&ttd_tdid=eb8c085e-dd03-4eda-9158-129c27565711
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Tue, 28 Jun 2022 13:20:12 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

AN-X-Request-Uuid: 76951daf-9872-44a6-a376-bef8fe86d1c3
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Jun 2022 13:20:12 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=2183682153966211275&ttd_tdid=eb8c085e-dd03-4eda-9158-129c27565711
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 149.56.153.189; 149.56.153.189; 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

rubicon Show response
match.adsrvr.org/track/cmf/ Frame 4BD1
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=eb8c085e-dd03-4eda-9158-129c27565711&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

70 B
586 B

31ms
30ms

Document
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Tue, 28 Jun 2022 13:20:12 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
Expires: 0
Location: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 84e0f527cd81a00b0210e20b4ee7ed94
content-length: 0

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 41ms
40ms Image
image/gif 23.1.193.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=cf3a22175b2200000b00bb6285020000a024af00&session=9c212f85-f0ad-4da2-86b5-cff35dd5ec8b&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2028%20Jun%202022%2013%3A20%3A12%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2028%20Jun%202022%2013%3A20%3A11%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22Historically%2C%20Security%20Operations%20Centers%20have%20been%20noisy%20places.%20Teams%20have%20worked%20endlessly%20to%20craft%20the%20%E2%80%98perfect%E2%80%99%20correlation%20search%2C%20to%20no%20avail.%20As%20the%20volume%20of%20security%20alerts%20continued%20to%20grow%2C%20it%20has%20put%20a%20disproportionate%20amount%20of%20the%20workload%20on%20analysts%2C%20as%20their%20primary%20job%20function%20became%20triage%20related%20activities.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sip%20%26amp%3B%20SOAR%20to%20Risk-Based%20Alerting%20%7C%20Virtual%20Event%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&pageViewId=5d945ac6-26c0-4d23-8d67-13596c251e5f&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.1.193.196 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-193-196.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 13:20:12 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 integrations Show response
rs.fullstory.com/rec/ 5 KB
5 KB 161ms
138ms Script
text/javascript 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/integrations?OrgId=o-19MVJ7-na1
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 80f743a46515dd1ed862df487e1e450bebf1ac3d5394aa1ae79adeea897a4f05

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=utf-8

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 195ms
178ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=o-19MVJ7-na1&UserId=6007937325469696&SessionId=6522402295910400&PageId=5772971006103552&Seq=1&PageStart=1656422412653&PrevBundleTime=0&LastActivity=7&IsNewSession=true
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 187de9a41cce144498ecdafbe01069c3feb03cfef360c6a273e3a27f489a75fc

Request headers

Referer: https://events.splunk.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://events.splunk.com
date: Tue, 28 Jun 2022 13:20:13 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H3 200 latest.js Show response
edge.fullstory.com/datalayer/v2/ 40 KB
11 KB 38ms
13ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/datalayer/v2/latest.js
Requested by: Host: rs.fullstory.com
URL: https://rs.fullstory.com/rec/integrations?OrgId=o-19MVJ7-na1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1b4b996c60d1f69e1bdcc5a662178f365c6d82ab7c64fdf2a3f6cdb3062afea8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 12:26:43 GMT
content-encoding: gzip
age: 3210
x-guploader-uploadid: ADPycdub3DPkl9fY3lmYx17_9F7tbYB-OPcgwZS8CW7BX_4yQV66B_OjYZwcvDcPC7lt064lA5_YUe74QVHksV2Hd7gFhw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11359
last-modified: Tue, 14 Jun 2022 18:42:03 GMT
server: UploadServer
etag: "2f4ae9b4c6238f8cf56d4b90d832f542"
x-goog-hash: crc32c=hnyuTg==, md5=L0rptMYjj4z1bUuQ2DL1Qg==
x-goog-generation: 1655232123925828
access-control-allow-origin: *
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 11359
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 28 Jun 2022 13:26:43 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1341559/log/3/ 0
381 B 161ms
18ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1341559/log/3/unip?en=pre_d_eng_tb&tos=1622&scd=37&ssd=1&est=1656422411627&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1656422413249&vi=1656422411624&ri=1d664dbc3afe8246e947c228969a4710&sd=v2_f6b7cf29526e906b8c8870b4cff61e6c_f15ef3f8-b5b8-493d-8de6-f5fe80a43a64-tuct9b4858b_1656422411_1656422411_CNawjgYQ9_BRGOja4NOaMCABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjsyrjT39zS1ipwAQ&ui=f15ef3f8-b5b8-493d-8de6-f5fe80a43a64-tuct9b4858b&ref=null&cv=20220626-8-RELEASE&item-url=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://events.splunk.com
pragma: no-cache
date: Tue, 28 Jun 2022 13:20:13 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 33ms
32ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://events.splunk.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://events.splunk.com
date: Tue, 28 Jun 2022 13:20:13 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 47ms
46ms Image
image/gif 23.1.193.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=cf3a22175b2200000b00bb6285020000a024af00&session=9c212f85-f0ad-4da2-86b5-cff35dd5ec8b&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2028%20Jun%202022%2013%3A20%3A13%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2028%20Jun%202022%2013%3A20%3A12%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Historically%2C%20Security%20Operations%20Centers%20have%20been%20noisy%20places.%20Teams%20have%20worked%20endlessly%20to%20craft%20the%20%E2%80%98perfect%E2%80%99%20correlation%20search%2C%20to%20no%20avail.%20As%20the%20volume%20of%20security%20alerts%20continued%20to%20grow%2C%20it%20has%20put%20a%20disproportionate%20amount%20of%20the%20workload%20on%20analysts%2C%20as%20their%20primary%20job%20function%20became%20triage%20related%20activities.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sip%20%26amp%3B%20SOAR%20to%20Risk-Based%20Alerting%20%7C%20Virtual%20Event%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&pageViewId=5d945ac6-26c0-4d23-8d67-13596c251e5f&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.1.193.196 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-193-196.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 13:20:13 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 45ms
45ms Image
image/gif 23.1.193.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=cf3a22175b2200000b00bb6285020000a024af00&session=9c212f85-f0ad-4da2-86b5-cff35dd5ec8b&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2028%20Jun%202022%2013%3A20%3A14%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2028%20Jun%202022%2013%3A20%3A13%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%223005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Historically%2C%20Security%20Operations%20Centers%20have%20been%20noisy%20places.%20Teams%20have%20worked%20endlessly%20to%20craft%20the%20%E2%80%98perfect%E2%80%99%20correlation%20search%2C%20to%20no%20avail.%20As%20the%20volume%20of%20security%20alerts%20continued%20to%20grow%2C%20it%20has%20put%20a%20disproportionate%20amount%20of%20the%20workload%20on%20analysts%2C%20as%20their%20primary%20job%20function%20became%20triage%20related%20activities.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sip%20%26amp%3B%20SOAR%20to%20Risk-Based%20Alerting%20%7C%20Virtual%20Event%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&pageViewId=5d945ac6-26c0-4d23-8d67-13596c251e5f&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.1.193.196 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-193-196.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 13:20:14 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 52ms
51ms Image
image/gif 23.1.193.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=cf3a22175b2200000b00bb6285020000a024af00&session=9c212f85-f0ad-4da2-86b5-cff35dd5ec8b&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2028%20Jun%202022%2013%3A20%3A15%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2028%20Jun%202022%2013%3A20%3A14%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224006%22%7D&isIframe=false&m=%7B%22description%22%3A%22Historically%2C%20Security%20Operations%20Centers%20have%20been%20noisy%20places.%20Teams%20have%20worked%20endlessly%20to%20craft%20the%20%E2%80%98perfect%E2%80%99%20correlation%20search%2C%20to%20no%20avail.%20As%20the%20volume%20of%20security%20alerts%20continued%20to%20grow%2C%20it%20has%20put%20a%20disproportionate%20amount%20of%20the%20workload%20on%20analysts%2C%20as%20their%20primary%20job%20function%20became%20triage%20related%20activities.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sip%20%26amp%3B%20SOAR%20to%20Risk-Based%20Alerting%20%7C%20Virtual%20Event%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&pageViewId=5d945ac6-26c0-4d23-8d67-13596c251e5f&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.1.193.196 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-193-196.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 13:20:15 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1341559/log/3/ 0
380 B 95ms
95ms XHR
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1341559/log/3/unip?en=pre_d_eng_tb&tos=4623&scd=37&ssd=1&est=1656422411627&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1656422416251&vi=1656422411624&ri=1d664dbc3afe8246e947c228969a4710&sd=v2_f6b7cf29526e906b8c8870b4cff61e6c_f15ef3f8-b5b8-493d-8de6-f5fe80a43a64-tuct9b4858b_1656422411_1656422411_CNawjgYQ9_BRGOja4NOaMCABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjsyrjT39zS1ipwAQ&ui=f15ef3f8-b5b8-493d-8de6-f5fe80a43a64-tuct9b4858b&ref=null&cv=20220626-8-RELEASE&item-url=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://events.splunk.com
pragma: no-cache
date: Tue, 28 Jun 2022 13:20:16 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 49 KB
14 KB 93ms
24ms Script
application/javascript 146.75.36.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 07bd9208924103ac310b9a3f9ea1b961d29b05a1cf7e0f20c9fe262c2ca0b000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:16 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 19:50:23 GMT
etag: "f599203155d4e9583bf35965b9f920af+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 13713
x-served-by: cache-iad-kcgs7200070-IAD

GET
H2 200 FQgOcAAM.min.js Show response
scripts.demandbase.com/ 60 KB
16 KB 574ms
148ms Script
application/javascript 13.33.94.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.demandbase.com/FQgOcAAM.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.94.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-94-103.gig51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

be2da6f7cd2b1aca420ceea5b5513b3c50af4028188ec5e9b2b7b6a99fc54030

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: BewRy25ngjO8i3vAYosZ6n149apW_g9U
content-encoding: gzip
etag: W/"b967a9f688becc172d3007933f1ff35c"
age: 2626
x-cache: Hit from cloudfront
vary: Accept-Encoding
last-modified: Tue, 26 Oct 2021 19:03:42 GMT
server: AmazonS3
date: Tue, 28 Jun 2022 13:11:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
via: 1.1 a82521331b708ee8f34f5d2f34b64a76.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-pop: GIG51-C1
x-amz-cf-id: 8MgOkzK3q3DY_2kEcL_r3SbsXkH46pEM10LELDuKHX8ZRrrbizA7-g==

GET
H2 200 amzn.js Show response
c.amazon-adsystem.com/aat/ 7 KB
7 KB 429ms
144ms Script
text/javascript 99.84.23.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aat/amzn.js
Requested by: Host: events.splunk.com
URL: https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.23.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-23-225.gig51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 45153d776213fa86c1ef7dca51e36d669e1b697b53907f3bf7cd3ee706edbaec

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: RCjAxJ8CrRqbtKQCS4KIrWhcLcYrBklc
via: 1.1 41591135582883808a7c82819cf851a2.cloudfront.net (CloudFront)
last-modified: Thu, 11 Nov 2021 17:52:19 GMT
server: AmazonS3
age: 21329
etag: "4e42700e21a922978b72507ad18a7fea"
x-cache: Hit from cloudfront
content-type: text/javascript
date: Tue, 28 Jun 2022 07:24:48 GMT
x-amz-cf-pop: GIG51-C2
accept-ranges: bytes
content-length: 6674
x-amz-cf-id: D2kBuzR1-Bonh7DDvG6v9zzbtZWdg-PJtoE1HryBsFRQjl9RTq5tCg==

GET
H2 200 iztag.js Show response
tags.inzynk.io/dji5wmjz/ 17 KB
18 KB 466ms
138ms Script
application/octet-stream 2600:9000:213b:a00:12:dfa9:e200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.inzynk.io/dji5wmjz/iztag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:213b:a00:12:dfa9:e200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c2783718baefb66f7810aedae99e6bbabd3713e0f6098079f6ff9b4d1433bc2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 00:39:28 GMT
via: 1.1 371ec6170a63d81d111f7154a45d74e4.cloudfront.net (CloudFront)
last-modified: Wed, 25 May 2022 10:03:10 GMT
server: AmazonS3
age: 45649
etag: "382804949496b421c76a3504a7676727"
x-cache: Hit from cloudfront
content-type: application/octet-stream
x-amz-cf-pop: GIG51-C1
accept-ranges: bytes
content-length: 17723
x-amz-cf-id: O1beeFKKTOiq2fkXSQAG4Q67FQYu1wqWrCKqagRBA9CYBv5L-OCVFw==

GET
H2 200 26b58e1d9d1d.js Show response
w.usabilla.com/ Frame E1BB 59 KB
14 KB 89ms
24ms Script
text/javascript 54.236.151.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/26b58e1d9d1d.js?lv=1
Requested by: Host: events.splunk.com
URL: https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.151.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-151-164.compute-1.amazonaws.com
Software: /
Resource Hash: 8e4a21f8b9b0ad36dea4db371c1cbbd2b055f24404a7dbb277c9cc2454f9a2e3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 13:20:16 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "1bb9945b7180f2d40dddc589f3b324b1"
content-type: text/javascript
cache-control: public,max-age=0
content-length: 14083

GET
H2 200 adsct
t.co/i/ 43 B
336 B 128ms
42ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=d7472ea9-56e3-47b3-9743-e8a440fb8e8a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=af7cfea4-438e-4381-864c-4b769e612bee&tw_document_href=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvbvz&type=javascript&version=2.3.21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 6
date: Tue, 28 Jun 2022 13:20:16 GMT
server: tsa_b
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: ff0b6b58508c5a639e2caca8119d032161dd904c24546be282214f6533131f71
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
353 B 134ms
43ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=d7472ea9-56e3-47b3-9743-e8a440fb8e8a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=af7cfea4-438e-4381-864c-4b769e612bee&tw_document_href=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvbvz&type=javascript&version=2.3.21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 6
date: Tue, 28 Jun 2022 13:20:15 GMT
server: tsa_b
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 30d489d4d9845487c1f9e3667d942e0dcde355ec5c9c42bfdf017a182454499f
content-length: 43

GET
H/1.1 200
OK splunk-button-77a48f8f9f814cbca9e89a9cef1a2ace.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame 599F 2 KB
2 KB 440ms
138ms Image
image/png 99.84.28.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d6tizftlrpuof.cloudfront.net/themes/production/splunk-button-77a48f8f9f814cbca9e89a9cef1a2ace.png
Requested by: Host: events.splunk.com
URL: https://events.splunk.com/Sip-SOAR-to-Risk-Based-Alerting?utm_medium=email&utm_source=splunk&utm_campaign=FY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822&LST=Email1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.28.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-28-145.gig51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8946e8ab0408c419e21f26f0da2b8cf9c984eb9b29400d3289750398cb23e3ea

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 14 May 2022 04:54:04 GMT
Via: 1.1 6454020604534e652d7f0ba5d46965c6.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 18 May 2021 14:55:26 GMT
Server: AmazonS3
Age: 3918373
ETag: "77a48f8f9f814cbca9e89a9cef1a2ace"
X-Cache: Hit from cloudfront
x-amz-version-id: quw00hIHAjydomrSDmVhxRmQN7ZVmEoP
Cache-Control: max-age=315360000, no-transform, public
X-Amz-Cf-Pop: GIG51-C2
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1834
X-Amz-Cf-Id: Uet2wE9bD0O6QZtAfQM6BPc6CCglPCsMPlcEoQMYYJCcNcSOQ3Jarw==

GET
H3 200 fs.js Show response
edge.fullstory.com/s/ Frame 599F 242 KB
61 KB 35ms
11ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: fee059163516f87977f291f488826fe8f97b5865a1b40f4119b943a884a3abdb

Request headers

Referer: https://events.splunk.com/
Origin: https://events.splunk.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 12:57:56 GMT
content-encoding: br
age: 1340
x-guploader-uploadid: ADPycduHxO9OO1BOwSKIurZndV-WdJ058u5A6-ECC12AFVdYi1BIkB1N1bVuR45-Jivx-hbFMDAztqozYLYzPR_IwubFJ3WZGv2R
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62689
last-modified: Tue, 14 Jun 2022 13:47:35 GMT
server: UploadServer
etag: "58807cfecad85abbba7b673538b5fc32"
vary: Accept-Encoding
x-goog-hash: crc32c=JC9AAw==, md5=WIB8/srYWru6e2c1OLX8Mg==
x-goog-generation: 1655214455844030
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 62689
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 28 Jun 2022 13:57:56 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 44ms
44ms Image
image/gif 23.1.193.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=cf3a22175b2200000b00bb6285020000a024af00&session=9c212f85-f0ad-4da2-86b5-cff35dd5ec8b&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2028%20Jun%202022%2013%3A20%3A16%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2028%20Jun%202022%2013%3A20%3A15%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225007%22%7D&isIframe=false&m=%7B%22description%22%3A%22Historically%2C%20Security%20Operations%20Centers%20have%20been%20noisy%20places.%20Teams%20have%20worked%20endlessly%20to%20craft%20the%20%E2%80%98perfect%E2%80%99%20correlation%20search%2C%20to%20no%20avail.%20As%20the%20volume%20of%20security%20alerts%20continued%20to%20grow%2C%20it%20has%20put%20a%20disproportionate%20amount%20of%20the%20workload%20on%20analysts%2C%20as%20their%20primary%20job%20function%20became%20triage%20related%20activities.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sip%20%26amp%3B%20SOAR%20to%20Risk-Based%20Alerting%20%7C%20Virtual%20Event%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&pageViewId=5d945ac6-26c0-4d23-8d67-13596c251e5f&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.1.193.196 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-193-196.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 13:20:16 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 13FF
Redirect Chain

https://s.amazon-adsystem.com/iu3?pid=3fcbe918-6424-4b3d-95aa-68d72d53fbd1&event=PageView&ts=1656422416422
https://s.amazon-adsystem.com/iu3?pid=3fcbe918-6424-4b3d-95aa-68d72d53fbd1&event=PageView&ts=1656422416422&dcc=t

65 B
973 B

55ms
55ms

Document
text/html

209.54.180.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?pid=3fcbe918-6424-4b3d-95aa-68d72d53fbd1&event=PageView&ts=1656422416422&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aat/amzn.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://events.splunk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 65
Content-Type: text/html;charset=ISO-8859-1
Date: Tue, 28 Jun 2022 13:20:17 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 5DMJWVFJSVD5FHK5084V

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Tue, 28 Jun 2022 13:20:16 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?pid=3fcbe918-6424-4b3d-95aa-68d72d53fbd1&event=PageView&ts=1656422416422&dcc=t
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: E5KTK9CZ2KYHS2VV90XW

GET
H2 200 dji5wmjz Show response
analytics.inzynk.io/collect/ 171 B
441 B 443ms
159ms Script
text/plain 13.48.144.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.inzynk.io/collect/dji5wmjz?izcid=&iztid=&u=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&t=Sip+%26+SOAR+to+Risk-Based+Alerting+%7C+Virtual+Event+%7C+Splunk&p=%2FSip-SOAR-to-Risk-Based-Alerting&d=events.splunk.com&r=
Requested by: Host: tags.inzynk.io
URL: https://tags.inzynk.io/dji5wmjz/iztag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.48.144.168 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-48-144-168.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: aa7aff8ab4c295be46be593b89b26da2a2ade258810e6b81a0b8c7c883dc50bd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:17 GMT
server: nginx/1.18.0
content-length: 171
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=ISO-8859-1

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 424 B
937 B 731ms
419ms XHR
application/json 13.33.94.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&page_title=Sip%20%26%20SOAR%20to%20Risk-Based%20Alerting%20%7C%20Virtual%20Event%20%7C%20Splunk&src=tag&key=3ba085cbec5f85b5afa666ed40e727757c9caa91
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.94.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-94-123.gig51.r.cloudfront.net
Software: nginx /
Resource Hash: 9397b31aa147681c5b7b5a98f2b123ecdf6b48216b865b79b8e4d68a23f104dd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 13:20:17 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: GIG51-C1
x-cache: Miss from cloudfront
request-id: 1fb72bd7-2ec3-4d31-ba5c-cbb663ba5808
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://events.splunk.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 b7a41f8635d9e8e6499fbcc9612f2ec4.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9bZZeaDBn9CCYGkKH5LBlFymELzNY6yjY6_K3VRGYLctg7MglegIaQ==
expires: Mon, 27 Jun 2022 13:20:17 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAEJDE7FdgAAABLElq71cA
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAEJDE7FdgAAABLElq71cA&verifyHash=531753eb11bb31190ada40701ed0c6ec5411d3d5

26 B
409 B

379ms
378ms

Image
image/gif

13.33.94.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAEJDE7FdgAAABLElq71cA&verifyHash=531753eb11bb31190ada40701ed0c6ec5411d3d5
Protocol: HTTP/1.1
Server: 13.33.94.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-94-51.gig51.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 13:20:18 GMT
Via: 1.1 c93d4ed7938cd391613a13e7dd8ed2ec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: GIG51-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: 495d5f28a61461f6
X-Amz-Cf-Id: KZZALV5XDmdeaGXX0D7ivEMyvGd2TNdhYzr4SWgXQ_UAarfAITWxsw==

Redirect headers

Date: Tue, 28 Jun 2022 13:20:17 GMT
Via: 1.1 9b140cb214dc166129350e47b923d352.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: GIG51-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAEJDE7FdgAAABLElq71cA&verifyHash=531753eb11bb31190ada40701ed0c6ec5411d3d5
Connection: keep-alive
trace-id: e7f16112ce0f7ccb
Content-Length: 0
X-Amz-Cf-Id: dYclaw-WrpPlGg5wlfAKnVEkOJhUJuyAtZdeDJNny-bkYx977dqHQQ==

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://id.rlcdn.com/464526.gif
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCJGA7JUGEgUI6AcQAEIASgA
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc129749iQBn19XOg-tsxxECY8u404Qb8z68MXew-p-XnupLw
https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc129749iQBn19XOg-tsxxECY8u404Qb8z68MXew-p-XnupLw&verifyHash=93f4a940410f634236cfc808941416c49fbed082

26 B
409 B

389ms
386ms

Image
image/gif

13.33.94.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc129749iQBn19XOg-tsxxECY8u404Qb8z68MXew-p-XnupLw&verifyHash=93f4a940410f634236cfc808941416c49fbed082
Protocol: HTTP/1.1
Server: 13.33.94.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-94-51.gig51.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 13:20:18 GMT
Via: 1.1 9b140cb214dc166129350e47b923d352.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: GIG51-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: 9f7fff8b09f78517
X-Amz-Cf-Id: r7tThSHH9zmhWS5mPnacBNaTLc8N_RRcBplq-2Zm9BfowWzsIflbSQ==

Redirect headers

Date: Tue, 28 Jun 2022 13:20:17 GMT
Via: 1.1 c93d4ed7938cd391613a13e7dd8ed2ec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: GIG51-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=liveramp&user_id=Xc129749iQBn19XOg-tsxxECY8u404Qb8z68MXew-p-XnupLw&verifyHash=93f4a940410f634236cfc808941416c49fbed082
Connection: keep-alive
trace-id: f5ecf810803c52a0
Content-Length: 0
X-Amz-Cf-Id: BMRyooJvcf03k1_vhOzfaGcMpGmj52mDmYzDX-0oWh4WEQjkUT-qlg==

GET
H/1.1 200
OK analytics_data Show response
abm2.listenloop.com/api/v1/public/ 19 B
762 B 177ms
28ms Fetch
application/json 3.216.183.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://abm2.listenloop.com/api/v1/public/analytics_data?public_key=JRsJMiSyunHf8gYEStaz
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.183.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-183-243.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 54c92804a5f97113030e5307876352f27f1623775916b78311a3131a6bf89fab

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Runtime: 0.003664
Date: Tue, 28 Jun 2022 13:20:17 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"09c861adac7536f5f6ed4c16b00e40ec"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,DELETE,PUT,PATCH,OPTIONS,HEAD
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://events.splunk.com
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Access-Control-Request-Headers,X-User-Token,X-User-email,content-type,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Authorization
Content-Length: 45
X-Request-Id: 60972f17-b223-4373-ae7b-3ada9d9fba70

POST
H3 200 collect
sgtm.splunk.com/ 35 B
52 B 87ms
74ms Ping
image/gif 2600:1901:0:a57b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sgtm.splunk.com/collect
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:a57b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://events.splunk.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 13:20:17 GMT
via: 1.1 google
server: Google Frontend
content-type: image/gif
access-control-allow-origin: https://events.splunk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 33ms
32ms XHR
text/plain 2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1856614730&t=event&ni=1&_s=1&dl=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&dr=%2F&dp=%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&ul=en-us&de=UTF-8&dt=Sip%20%26%20SOAR%20to%20Risk-Based%20Alerting%20%7C%20Virtual%20Event%20%7C%20Splunk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=demandbase&ea=demandbase%20loaded&el=%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&_u=aHDACUAjBAAAAG~&jid=1166221738&gjid=1589938237&cid=1544350318.1656422411&tid=UA-399680-1&_gid=400837711.1656422411&_r=1&gtm=2wg6m0TPV7TP&cd3=1544350318.1656422411&cd4=1656422417770.tq965gra&cd5=2022-06-28T13%3A20%3A17.770%2B00%3A00&cd36=GA1.2.1544350318.1656422411&cd45=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&cd7=Bot&cd8=(Non-Company%20Visitor)&cd26=&z=1199595855

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://events.splunk.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 13:20:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://events.splunk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 41ms
41ms Image
image/gif 23.1.193.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=cf3a22175b2200000b00bb6285020000a024af00&session=9c212f85-f0ad-4da2-86b5-cff35dd5ec8b&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2028%20Jun%202022%2013%3A20%3A17%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2028%20Jun%202022%2013%3A20%3A16%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%226009%22%7D&isIframe=false&m=%7B%22description%22%3A%22Historically%2C%20Security%20Operations%20Centers%20have%20been%20noisy%20places.%20Teams%20have%20worked%20endlessly%20to%20craft%20the%20%E2%80%98perfect%E2%80%99%20correlation%20search%2C%20to%20no%20avail.%20As%20the%20volume%20of%20security%20alerts%20continued%20to%20grow%2C%20it%20has%20put%20a%20disproportionate%20amount%20of%20the%20workload%20on%20analysts%2C%20as%20their%20primary%20job%20function%20became%20triage%20related%20activities.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sip%20%26amp%3B%20SOAR%20to%20Risk-Based%20Alerting%20%7C%20Virtual%20Event%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&pageViewId=5d945ac6-26c0-4d23-8d67-13596c251e5f&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.1.193.196 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-1-193-196.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 13:20:17 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST analytics
pt37ad6f6a.execute-api.us-east-1.amazonaws.com/Prod/v1/ 0
0

OPTIONS analytics
pt37ad6f6a.execute-api.us-east-1.amazonaws.com/Prod/v1/ Frame 0
0

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 33ms
33ms XHR
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-399680-1&cid=1544350318.1656422411&jid=1166221738&gjid=1589938237&_gid=400837711.1656422411&_u=aHDACUAjBAAAAG~&z=1165056188

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://events.splunk.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 28 Jun 2022 13:20:17 GMT
content-type: text/plain
access-control-allow-origin: https://events.splunk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 82ms
38ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-399680-1&cid=1544350318.1656422411&jid=1166221738&_u=aHDACUAjBAAAAG~&z=72692288

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 13:20:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 80ms
37ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-399680-1&cid=1544350318.1656422411&jid=1166221738&_u=aHDACUAjBAAAAG~&z=72692288

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://events.splunk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 13:20:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 54ms
51ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=o-19MVJ7-na1&UserId=6007937325469696&SessionId=6522402295910400&PageId=5772971006103552&Seq=2&PageStart=1656422412653&PrevBundleTime=1656422413170&LastActivity=4866&IsNewSession=true
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: b43ccae2bca74208dafa4c3e5f55db48302eb1571ec064b7b2787a70a4a16f5b

Request headers

Referer: https://events.splunk.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://events.splunk.com
date: Tue, 28 Jun 2022 13:20:18 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 32ms
31ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://events.splunk.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://events.splunk.com
date: Tue, 28 Jun 2022 13:20:18 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET img.gif
b.6sc.co/v1/beacon/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pt37ad6f6a.execute-api.us-east-1.amazonaws.com
URL: https://pt37ad6f6a.execute-api.us-east-1.amazonaws.com/Prod/v1/analytics

Domain: pt37ad6f6a.execute-api.us-east-1.amazonaws.com
URL: https://pt37ad6f6a.execute-api.us-east-1.amazonaws.com/Prod/v1/analytics

Domain: b.6sc.co
URL: https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=cf3a22175b2200000b00bb6285020000a024af00&session=9c212f85-f0ad-4da2-86b5-cff35dd5ec8b&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2028%20Jun%202022%2013%3A20%3A18%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2028%20Jun%202022%2013%3A20%3A17%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%227011%22%7D&isIframe=false&m=%7B%22description%22%3A%22Historically%2C%20Security%20Operations%20Centers%20have%20been%20noisy%20places.%20Teams%20have%20worked%20endlessly%20to%20craft%20the%20%E2%80%98perfect%E2%80%99%20correlation%20search%2C%20to%20no%20avail.%20As%20the%20volume%20of%20security%20alerts%20continued%20to%20grow%2C%20it%20has%20put%20a%20disproportionate%20amount%20of%20the%20workload%20on%20analysts%2C%20as%20their%20primary%20job%20function%20became%20triage%20related%20activities.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Sip%20%26amp%3B%20SOAR%20to%20Risk-Based%20Alerting%20%7C%20Virtual%20Event%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&pageViewId=5d945ac6-26c0-4d23-8d67-13596c251e5f&an_uid=0

Verdicts & Comments Add Verdict or Comment

219 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

80 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taboola.com/splunk-sc/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_f6b7cf29526e906b8c8870b4cff61e6c_f15ef3f8-b5b8-493d-8de6-f5fe80a43a64-tuct9b4858b_1656422411_1656422411_CNawjgYQ9_BRGOja4NOaMCABKAEwJjiJ6AdA6vUHSKfL2QNQrswHWABgAGjsyrjT39zS1ipwAQ
.eloqua.com/	1970-01-20 13:35:50	Name: ELOQUA Value: GUID=228ADD20F4B64594893ED61AF0376297
.eloqua.com/	1970-01-20 13:35:50	Name: ELQSTATUS Value: OK
.splunk.com/	1970-01-20 13:35:50	Name: ELOQUA Value: GUID=B3B00AF4C25144AA885125C9FFF7E027&FPCVISITED=1
.splunk.com/	1970-01-20 12:52:38	Name: _biz_uid Value: dabe8c07833d4031e5f2a2dc08e305e0
.splunk.com/	1970-01-20 04:07:04	Name: _biz_sid Value: 1e32a8
.splunk.com/	1970-01-20 12:52:38	Name: _biz_nA Value: 1
.bizible.com/	1970-01-20 12:52:38	Name: _BUID Value: dabe8c07833d4031e5f2a2dc08e305e0
.bizibly.com/	1970-01-20 12:52:38	Name: _BUID Value: b15d3cc13f342919303de54a563bc3d0
.splunk.com/	1970-01-20 04:07:04	Name: _cs_mk Value: 0.35758165894035754_1656422411400
.splunk.com/	1970-01-20 12:52:38	Name: _biz_pendingA Value: %5B%5D
.splunk.com/	1970-01-20 12:52:38	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.splunk.com/	1970-01-20 04:08:28	Name: _gid Value: GA1.2.400837711.1656422411
.splunk.com/	1970-01-20 21:38:14	Name: _ga_8Q6D4RLYQL Value: GS1.1.1656422411.1.0.1656422411.0
events.splunk.com/	1970-01-20 04:07:06	Name: acCode Value: null
.splunk.com/	1970-01-20 04:07:02	Name: _dc_gtm_UA-399680-35 Value: 1
.splunk.com/	1970-01-20 04:07:02	Name: _dc_gtm_UA-399680-1 Value: 1
.bing.com/	1970-01-20 13:28:38	Name: MUID Value: 0CF0F803E2516D3B3FA9E9D2E37B6C57
.bat.bing.com/	1970-01-20 04:17:07	Name: MR Value: 0
.6sc.co/	1970-01-20 21:38:14	Name: 6suuid Value: cf3a22175b2200000b00bb6285020000a024af00
.taboola.com/	1970-01-20 12:52:38	Name: t_gid Value: f15ef3f8-b5b8-493d-8de6-f5fe80a43a64-tuct9b4858b
.splunk.com/	1970-01-20 06:16:38	Name: FPAU Value: 1.2.1162720168.1656422412
.ws.zoominfo.com/	1970-01-20 12:52:38	Name: visitorId Value: 4864fc01329fa3f87d49d29640f31859958cb8e0881906c82f7f4c215f8e5138
.splunk.com/	1970-01-20 12:52:38	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Jun+28+2022+13%3A20%3A11+GMT%2B0000+(GMT)&version=6.18.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fevents.splunk.com%2FSip-SOAR-to-Risk-Based-Alerting%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY23Q2_FMM_AMER_WBR_SEC_EN_Sip_SOAR_RBA_072822%26LST%3DEmail1&groups=1%3A1%2C2%3A1%2C3%3A1%2C4%3A1
.splunk.com/	1970-01-20 04:08:28	Name: _uetsid Value: 0a0b4ee0f6e511ecbaa5dd0c809d8c45
.splunk.com/	1970-01-20 13:28:38	Name: _uetvid Value: 0a0b6ff0f6e511ecb12a87ae5b605010
.splunk.com/	1970-01-20 06:16:38	Name: _fbp Value: fb.1.1656422411851.203147942
events.splunk.com/	1970-01-20 21:38:14	Name: _gd_svisitor Value: cf3a22175b2200000b00bb6285020000a024af00
events.splunk.com/	1970-01-20 21:38:14	Name: _gd_visitor Value: f60a45f6-32c0-4589-81f3-0f655972db91
events.splunk.com/	1970-01-20 04:07:16	Name: _gd_session Value: 9c212f85-f0ad-4da2-86b5-cff35dd5ec8b
.linkedin.com/	1970-01-20 06:16:38	Name: li_sugr Value: ff200631-5f9e-457e-a440-85038418e27c
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:38:56	Name: bcookie Value: "v=2&5fb1ad3e-9584-4569-8dbb-f415484366cc"
.linkedin.com/	1970-01-20 04:08:28	Name: lidc Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2813:u=1:x=1:i=1656422411:t=1656508811:v=2:sig=AQEomzaRg_XJrs2ReIC6l5ttndBWOsb4"
events.splunk.com/	1970-01-20 04:17:07	Name: _an_uid Value: 0
.facebook.com/	1970-01-20 06:16:38	Name: fr Value: 08HQ1jVGEvTTLVKJO..BiuwAL...1.0.BiuwAL.
events.splunk.com/	1970-01-20 04:07:02	Name: outbrain_cid_fetch Value: true
.linkedin.com/	1970-01-20 04:50:14	Name: UserMatchHistory Value: AQJzBHivQye0IQAAAYGqeC6sXOf5K9NubQpy0cK7l6KItc8MfJaBKY2BFgRM89FezuJ9RpzcRGA1pg
.linkedin.com/	1970-01-20 04:50:14	Name: AnalyticsSyncHistory Value: AQJepUud7i6MfQAAAYGqeC6s68aiMzRm3pyMyqJpfuob-hzyzvyoUtgcbnJ2uZFZoGgnyifB6Kc8wzb5v7kSog
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 21:38:56	Name: bscookie Value: "v=1&20220628132012226b68c0-6df4-4dd0-8137-0002fb0daa76AQGnPyDHWz1p8uoDkzDixi-rqu1Tq4Ji"
www.clarity.ms/	1970-01-20 12:52:38	Name: CLID Value: 47bdfe94f4bf4991bff91dac4ed7fa7d.20220628.20230628
.splunk.com/	1970-01-20 13:36:26	Name: _cs_c Value: 0
.splunk.com/	1970-01-20 13:36:26	Name: _cs_id Value: fcec8a7e-6347-a68d-821c-40826cedad8b.1656422412.1.1656422412.1656422412.1.1690586412274
.splunk.com/	1970-01-20 04:07:04	Name: _cs_s Value: 1.0.0.1656424212275
.splunk.com/	1970-01-20 12:52:38	Name: _clck Value: 877om5\|1\|f2p\|0
.adsymptotic.com/	1970-01-20 06:16:38	Name: U Value: 43219dd62c7a7f908207b4b011893c88
analytics.vendemore.com/	1970-01-20 12:52:38	Name: vaid Value: 9657568819857918
events.splunk.com/	1970-01-20 12:52:38	Name: vlmref Value: 9657568819856983
events.splunk.com/	1970-01-20 12:52:38	Name: vaid Value: 9657568819857918
.adsrvr.org/	1970-01-20 12:52:38	Name: TDID Value: eb8c085e-dd03-4eda-9158-129c27565711
.c.bing.com/	1970-01-20 04:17:07	Name: MR Value: 0
.c.bing.com/	1970-01-20 13:28:38	Name: SRM_B Value: 0CF0F803E2516D3B3FA9E9D2E37B6C57
.splunk.com/	1970-01-20 04:08:28	Name: _clsk Value: lzgv2c\|1656422412665\|1\|1\|j.clarity.ms/collect
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 13:28:38	Name: MUID Value: 0CF0F803E2516D3B3FA9E9D2E37B6C57
.c.clarity.ms/	1970-01-20 04:17:07	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 04:07:03	Name: ANONCHK Value: 0
.adnxs.com/	1970-01-20 06:16:38	Name: uuid2 Value: 2183682153966211275
.doubleclick.net/	1970-01-20 13:28:38	Name: IDE Value: AHWqTUlLXB8cPToNJ3FQS5j-C2HH0Gaf5LdFsLMXqOYacQTK7VOnOjELNKnMuK5VMMs
.rubiconproject.com/	1970-01-20 12:52:38	Name: khaos Value: L4Y74XOU-17-6SMR
.rubiconproject.com/	1970-01-20 12:52:38	Name: audit Value: 1\|VBfw3MdZDyBcLq/AYJNmF6EZDJ8kwfI8m2RQ8d+FBJAeECEUBMheil6ax0rLoJs2LSWg+TBbAR8wHTRO1/p4iHX0qfg68IpFQAPcN3ARK84GKRfLgvZwystcfxx9taWg6+Inca2BHvGKhnRB+9w1ulOyp6bjkRwe+FNY0L+HtS/REvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ==
.adsrvr.org/	1970-01-20 12:52:38	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIivrK797E7DoQBRIXCghhcHBuZXh1cxILCOyn7_HexOw6EAUSFgoHcnViaWNvbhILCIr6yu_exOw6EAUYBSACKAMyCwiK8s2c9cTsOhAFQg8iDQgBEgkKBXRpZXIyEAFaB3QwcTR3bDZgAQ..
.splunk.com/	1970-01-20 12:52:38	Name: fs_uid Value: #o-19MVJ7-na1#6007937325469696:6522402295910400/1687958412
.t.co/	1970-01-20 21:38:14	Name: muc_ads Value: 6d88a28a-7da9-402f-9e02-9198439a3af3
.twitter.com/	1970-01-20 21:38:14	Name: personalization_id Value: "v1_oxg7zGgtAM7518Af1gEODA=="
.amazon-adsystem.com/	1970-01-20 08:36:19	Name: ad-id Value: A1U3cwwyY0HIkUubspjT3Mk
.amazon-adsystem.com/	1970-01-22 00:00:48	Name: ad-privacy Value: 0
.rlcdn.com/	1970-01-20 12:52:38	Name: rlas3 Value: CvCSwLenwhXZF0/jJIb7jGlmpjDFE3rQRv9vpFcU7Ho=
.rlcdn.com/	1970-01-20 05:33:26	Name: pxrc Value: CJGA7JUGEgUI6AcQABIGCMrdKhAA
.bidr.io/	1970-01-20 13:35:36	Name: bito Value: AAEJDE7FdgAAABLElq71cA
.bidr.io/	1970-01-20 13:35:36	Name: bitoIsSecure Value: ok
.inzynk.io/	1970-01-20 12:52:38	Name: iztid Value: 1656422424270
events.splunk.com/	1970-01-20 12:52:38	Name: izcid Value: 1656422422404
events.splunk.com/	1970-01-20 12:52:38	Name: iztid Value: 1656422424270
.splunk.com/	1970-01-20 21:38:14	Name: _ga Value: GA1.2.1544350318.1656422411
.splunk.com/	1970-01-20 04:07:02	Name: _gat_UA-399680-1 Value: 1
.splunk.com/	1970-01-20 21:38:14	Name: _ga_5EPM2P39FV Value: GS1.1.1656422411.1.0.1656422417.54
.company-target.com/	1970-01-20 21:38:14	Name: tuuid_lu Value: 1656422417
.company-target.com/	1970-01-20 21:38:14	Name: tuuid Value: 0418cf51-c796-4148-923e-29418d639c64

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abm2.listenloop.com
amplify.outbrain.com
analytics.google.com
analytics.inzynk.io
analytics.twitter.com
analytics.vendemore.com
api.company-target.com
b.6sc.co
bat.bing.com
c.6sc.co
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c.contentsquare.net
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
d2hya7iqhf5w3h.cloudfront.net
d6tizftlrpuof.cloudfront.net
edge.fullstory.com
events.splunk.com
geolocation.onetrust.com
ib.adnxs.com
id.rlcdn.com
img.en25.com
insight.adsrvr.org
ipv6.6sc.co
j.6sc.co
j.clarity.ms
js.adsrvr.org
match.adsrvr.org
match.prod.bidr.io
metadata-static-files.sfo2.cdn.digitaloceanspaces.com
p.adsymptotic.com
pips.taboola.com
pixel.rubiconproject.com
pt37ad6f6a.execute-api.us-east-1.amazonaws.com
px.ads.linkedin.com
px4.ads.linkedin.com
rs.fullstory.com
s.amazon-adsystem.com
s1528.t.eloqua.com
s1528.t.en25.com
scripts.demandbase.com
secure.adnxs.com
segments.company-target.com
sgtm.splunk.com
snap.licdn.com
stackpath.bootstrapcdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
t.contentsquare.net
tags.inzynk.io
tm.vendemore.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
v2.listenloop.com
w.usabilla.com
ws.zoominfo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.linkedin.com
b.6sc.co
pt37ad6f6a.execute-api.us-east-1.amazonaws.com
104.18.100.194
104.244.42.133
104.244.42.3
13.107.42.14
13.33.94.103
13.33.94.123
13.33.94.51
13.48.144.168
141.226.224.32
141.226.224.48
142.0.173.20
142.0.173.31
142.0.173.42
142.250.80.34
146.75.36.157
151.101.65.44
152.199.2.76
18.210.134.214
20.110.81.91
20.85.30.134
2001:4860:4802:32::181
2001:4de0:ac18::1:a:1a
205.185.216.42
209.54.180.3
23.1.192.215
23.1.193.196
23.208.217.104
2600:141b:13:7a7::1c91
2600:141b:13::17d7:82d1
2600:1901:0:a57b::
2600:9000:213b:a00:12:dfa9:e200:93a1
2606:4700:10::6814:b944
2606:4700:3035::6815:4687
2606:4700::6810:650c
2606:4700::6810:9540
2606:4700::6812:bcf
2607:f8b0:4004:c09::9c
2607:f8b0:4006:808::200e
2607:f8b0:4006:81c::2004
2607:f8b0:4006:822::2003
2607:f8b0:4006:822::2008
2620:1ec:21::14
2620:1ec:27::cafe:1822
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:600::300
3.121.48.255
3.216.183.243
35.186.194.58
35.190.60.146
35.201.112.186
35.71.131.137
52.0.243.149
54.236.151.164
68.67.161.210
68.67.179.135
69.173.151.100
70.42.32.31
99.84.194.217
99.84.22.46
99.84.23.225
99.84.28.145
99.84.31.73
0211cd110c45f7728d81032c691444f922b223042456c334e5edae5cbb6ebca5
07bd9208924103ac310b9a3f9ea1b961d29b05a1cf7e0f20c9fe262c2ca0b000
08901486318285d72520bbaa7694c2ac86a7ee9131968ac4226d90441fa16ced
0cfb01c59089b6e8884979e7000714cca38deffa7ab26109c694a55ce73e44f9
0e7833650725133a9fd5e92a8682748f32fe9e93fd5d6adcd08a7f25003771e3
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
187de9a41cce144498ecdafbe01069c3feb03cfef360c6a273e3a27f489a75fc
18ebe9bdad62157aa065d81e1395ec746591382b6b663287974e552d46f63274
199b59f8a3e2e20ac1e1e8cd01059b415b02ef8e4dc865d32d901b81ead11529
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
1b4b996c60d1f69e1bdcc5a662178f365c6d82ab7c64fdf2a3f6cdb3062afea8
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
209cdfebd5c4a80669ec8c8135abc7be73f3b79f651bd1ec8f4f42a40d56c757
21e3a256075791af0bc34fd4cc55ec1209c0c159d68a3b1c5b9a150d5d78a4df
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
36ef1cf6246ce3d596a572d7b0e947a7088eefb1af6373f1a0669c9189a6728e
3abb9c51b30aa2f09fe1c74f5ae5dd176efb43bb451e67e34943e7e77f13e1ad
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
423a5721f1ed5aa4ca4b96deb576271a6cb3fc42a3c3cd11c9327284254d3f6f
45153d776213fa86c1ef7dca51e36d669e1b697b53907f3bf7cd3ee706edbaec
4525ae0dc0135b041205b9680687c77e5ffde6e9519b8601b08ac4c2ef0a42d4
463b1656517135e0f8ebaa634113c71af5e16063afa0c2ec65542e57884d1d30
4a2de4125e63c0db3ebac9e9ec44092ac3a1fda1942dc370637a234775a374c1
4e8c41ec5e8e2e52b32736b40e4361cebaad6ade1d6c3cb5f8d6000d9535ac27
4f05698200dfffa9a5a6c26b895ee141e438f5b6ebd132b5388329a47397b1e3
5305a0da6cfa332362896497fa5996cb6e1497920d70f915eca7ac9fd337371d
54c92804a5f97113030e5307876352f27f1623775916b78311a3131a6bf89fab
54e752d789aafe467b43bac6c58b58ea32d111a889ea2c9385fd821b93945c86
54f746f34aede748df2339a8d8ead0b63c923c4556ca8c571d87f7e87bf79daa
56b9ae4b38839806728d30132175df8c0165174bffd66d91b8f69925ef668ca5
5ed5fcce46bb4fd8a28b61d36cf60873c102829299f6f5576d799e0366509716
5edfbb0e96c6e82d39a49c2bef3f1e998df5d53f8145315a87bdb4bbdd6fa0d2
65dad26d197878fdddaaa0ab1990b6a0bc7f6853c6db2af3e1970ba6c2f5b2a8
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd6f89b1e7f7eef3650d12eb6b8b0b9a839034f1917cccfafb5d22f549d5529
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6e5b1784c20ec25b8dfd23ce10d089a5ec4c5cd527a87030ea617ed39c190455
6f32bd5c659b9df6f38188fd107ea815e21ce95e1fa4609aa84d70b359628c10
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac
7140ad22c7984782117601ce9c164359adff68b070e692079f950473938ccdbe
718101d7a02bf9d05e6607fdf87b99d90bc9193f97590ba69eab4ad87f8b2485
75afc0ac0524c8394367a5f8c558aa0f2466e594be89fbd2d67ad4f90be66e6a
7bf37222c7bd35ac66f914406099505059aa336165e3c9b942f78dcc2feaf4a1
7c2783718baefb66f7810aedae99e6bbabd3713e0f6098079f6ff9b4d1433bc2
7d5df92337c2a6e75e735fbc9a5a1c042f9e6c841b0dd5fb5d14921e9ae8d331
80f743a46515dd1ed862df487e1e450bebf1ac3d5394aa1ae79adeea897a4f05
81406743991f669003544635208cddc5ab38874529b1c425fb60ceb02e8f1218
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0
856480dfbd572e8e51fd582b4744916dc6708b2cf12eb311d749f0dc16250410
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8946e8ab0408c419e21f26f0da2b8cf9c984eb9b29400d3289750398cb23e3ea
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e038b564510a45dc11799f74da367733f3db7f9c0a0434f1e90c44ec5168278
8e4a21f8b9b0ad36dea4db371c1cbbd2b055f24404a7dbb277c9cc2454f9a2e3
928abacd2ab4460beee94cec0a465355a04c546c1dc7f205347aa322d5ee1e3e
92b770fff5ec965d8383a31102fb80865d50fa4c47ae4eeccb7c5d647c011547
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9397b31aa147681c5b7b5a98f2b123ecdf6b48216b865b79b8e4d68a23f104dd
95d1557e564c3969792919d877218bf060d68f01f298d747be0ed04155d44050
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ec10171321f7c5a2a1a015667e6b74cca6395159ae88b98d747c3083d9fc681
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4f562534e62ae4287bbb482954c259b1089bba05611d0bbb06d48811c9125b1
a52bb6e8d120c194fb3c184f9af610501526c368c6fc4224916eae858f12bc77
aa6b8c0d433eb522e39d9a179e360a6eb5980c9f3addb3e80ad4fffee9e736b8
aa7aff8ab4c295be46be593b89b26da2a2ade258810e6b81a0b8c7c883dc50bd
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af46c4623817a695dccc34bad3dd0e49593e1d154ccb085b823f07e99637f9e8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b43ccae2bca74208dafa4c3e5f55db48302eb1571ec064b7b2787a70a4a16f5b
bca084b988b009db5b08cde39e59af5d14df63d377d3a3b71bd8c57943850d4d
be2da6f7cd2b1aca420ceea5b5513b3c50af4028188ec5e9b2b7b6a99fc54030
bf8fce049c8e10f0a036f50f5eb7c8dde06dc5bee833635f9db82de6f51f2418
c18c407d87bbb439f03abe658c52c54420e1ddb231651589bbb5c4e1e88a0040
c9e5b66a3170f61b799e7154192102daf1b785d3bbf523f8cc97d4e0e967c778
ca39225d55fb1329f98236ee689af42d5c8f21258b7cfe73640c8f7c21220d63
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
caa7d2cbd0daf9252bea36e5aa524c4afa70612dbb320870b45f7412e6a8849a
cc1f659daf63461436e403716d5e33a4afa5ad5f4f19826049343c74e1e8d01b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d707ba511936ff11eb80a227510ad8e82667fce06d11a9cdb0b1f00b56be0798
da5d487f1fe8c4f5bba93bab0b071aed1249cf770ffdbc0144a86a4c2bae3c2c
dac06c3ef05129947ab8af3268303eabb670f9bc3d82ae3918637f94f463eee3
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
ea77ea1df7794b630ff8be882c7af3373b04182981955646f6842fbf6ee36d4c
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
eb9dde5b0100f6fa114a75ec6662bd75575b3d677cff4f70c0545c08300ac2ca
ed7057bc83eaa1f5f069b71f61aa39b9643e7422fc27e4d2b3ab59e2d0585ef2
ee1d06c504be0b79406c94743da4698838f25e51e068d0dceeecdc2a2e488c7f
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eee1f9319b7241c317e703f6426889caf67614d4cc98ad8b79b9ac5dba005890
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f7e154777ca21b7dd4b42b282f0424e41b0a73cd9bca1f3f52131435abb7e993
fa36a299aef1370fe42fd7ef5ec17d210655a163706a59441aaa1b5ccd214d5c
fee059163516f87977f291f488826fe8f97b5865a1b40f4119b943a884a3abdb

events.splunk.com Open in urlscan Pro 142.0.173.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

140 Requests

94 %HTTPS

34 %IPv6

45 Domains

73 Subdomains

58 IPs

5 Countries

1561 kBTransfer

4455 kBSize

80 Cookies

17 Outgoing links

Page URL History

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

events.splunk.com Open in urlscan Pro
142.0.173.20 Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

94 %
HTTPS

34 %
IPv6

45
Domains

73
Subdomains

58
IPs

5
Countries

1561 kB
Transfer

4455 kB
Size

80
Cookies

140 HTTP transactions
5 data transactions