events.splunk.com Open in urlscan Pro
142.0.173.20  Public Scan

21 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://s1528.t.en25.com/e/er?s=1528&lid=58793&elqTrackId=ef8892794c7842a488c3ab3686cae631&elq=4dc6f95f26404f44848d6f022438c8a4&elqaid=67017&elqat=1 HTTP 302
   https://s1528.t.eloqua.com/e/er?s=1528&lid=58793&elqTrackId=ef8892794c7842a488c3ab3686cae631&elq=4dc6f95f26404f44848d6f022438c8a4&elqaid=67017&elqat=1 HTTP 302
   https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1678752741231&url=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1 HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1678752741231&url=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D66727%26time%3D1678752741231%26url%3Dhttps%253A%252F%252Fevents.splunk.com%252FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%253Futm_medium%253Demail%2526utm_source%253Dsplunk%2526utm_campaign%253DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%2526LST%253DEmail1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1678752741231&url=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1678752741231&url=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&cookiesTest=true&liSync=true&e_ipv6=AQJKM3U8miwXCgAAAYbddflHDkS6u1ex1RcqiMJYN9DTrJADXf7j4ne0VxPVnagHXnb-6Gx7

Request Chain 98

• https://c.clarity.ms/c.gif HTTP 302
• https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B18116125B8D4F6486EA9CEB6F95FD71&RedC=c.clarity.ms&MXFR=2E5BFB2C590E61591C6AE9F85D0E6F75 HTTP 302
• https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B18116125B8D4F6486EA9CEB6F95FD71&MUID=0AEE73C945B06D903B2D611D448B6CAD

Request Chain 99

• https://insight.adsrvr.org/track/up?adv=t0q4wl6&ref=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&upid=afx4zne&upv=1.1.0 HTTP 302
• https://match.adsrvr.org/track/upb/?adv=t0q4wl6&ref=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&upid=afx4zne&upv=1.1.0

Request Chain 109

• https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1afe9216-bb65-4e6c-bb8b-3cc49f3eda04&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
• https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

Request Chain 110

• https://ups.analytics.yahoo.com/ups/55953/sync?uid=1afe9216-bb65-4e6c-bb8b-3cc49f3eda04&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
• https://ups.analytics.yahoo.com/ups/55953/sync?uid=1afe9216-bb65-4e6c-bb8b-3cc49f3eda04&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-1S6Ab9JE2uJWsY9WXXg5kUptHAIJ4VU-~A&gdpr=0

Request Chain 111

• https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=1afe9216-bb65-4e6c-bb8b-3cc49f3eda04 HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D1afe9216-bb65-4e6c-bb8b-3cc49f3eda04 HTTP 302
• https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5612515770122134136&ttd_tdid=1afe9216-bb65-4e6c-bb8b-3cc49f3eda04

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security Show response events.splunk.com/ Redirect Chain https://s1528.t.en25.com/e/er?s=1528&lid=58793&elqTrackId=ef8892794c7842a488c3ab3686cae631&elq=4dc6f95f26404f44848d6f022438c8a4&elqaid=67017&elqat=1 https://s1528.t.eloqua.com/e/er?s=1528&lid=58793&elqTrackId=ef8892794c7842a488c3ab3686cae631&elq=4dc6f95f26404f44848d6f022438c8a4&elqaid=67017&elqat=1 https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=...	74 KB 15 KB	589ms 369ms	Document text/html	142.0.173.20 NETDYNAMICS
General Check archive.org Show headers Download Go to Full URL https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 142.0.173.20 Toronto, Canada, ASN7160 (NETDYNAMICS, US), Reverse DNS Software / Resource Hash b304bcecc780ab5d72305e279dfc654007700634e41e3a18ffd145689da899e8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Cache-Control no-store Content-Encoding gzip Content-Length 15174 Content-Type text/html; charset=utf-8 Date Tue, 14 Mar 2023 00:12:19 GMT Expires -1 P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Pragma no-cache Strict-Transport-Security max-age=31536000 Vary Accept-Encoding X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Redirect headers Cache-Control no-store Content-Length 332 Content-Type text/html; charset=utf-8 Date Tue, 14 Mar 2023 00:12:19 GMT Expires -1 Location https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Robots-Tag noindex, nofollow X-Xss-Protection 1; mode=block
GET H2	200	bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/	119 KB 20 KB	73ms 35ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://events.splunk.com/ Origin https://events.splunk.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:20 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 1069 age 89690 cdn-cachedat 12/26/2022 11:16:54 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:00 GMT cdn-proxyver 1.03 cdn-requestpullcode 200 server cloudflare etag W/"7f89537eaf606bff49f5cc1a7c24dbca" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 22f2b807c56303e5898947c02ece83a8 timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 7a784df2a96d4bb9-YUL cdn-requestpullsuccess True
GET H/1.1	200 OK	%7B6190daac-134e-41a8-a14b-b5f63bdc2cc5%7D_splunk-data-sans.css img.en25.com/Web/SplunkInc/	83 KB 63 KB	284ms 97ms	Stylesheet text/css	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img.en25.com/Web/SplunkInc/%7B6190daac-134e-41a8-a14b-b5f63bdc2cc5%7D_splunk-data-sans.css Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash eb9dde5b0100f6fa114a75ec6662bd75575b3d677cff4f70c0545c08300ac2ca Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip X-Content-Type-Options nosniff Date Tue, 14 Mar 2023 00:12:20 GMT P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Connection keep-alive Content-Length 63906 X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Thu, 26 Mar 2020 16:24:34 GMT ETag "18c02998b3d61:0" Vary Accept-Encoding Content-Type text/css Cache-Control no-store Accept-Ranges bytes X-Robots-Tag noindex Expires Tue, 14 Mar 2023 00:12:20 GMT
GET H/1.1	200 OK	%7Bd8269de2-df43-45aa-8af4-fb6f7095cfd3%7D_style_lp_2022_final.css img.en25.com/Web/SplunkInc/	35 KB 7 KB	277ms 91ms	Stylesheet text/css	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img.en25.com/Web/SplunkInc/%7Bd8269de2-df43-45aa-8af4-fb6f7095cfd3%7D_style_lp_2022_final.css Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash 416acb714e708a2ece35e6bec584b916d30c2dba0c16f46daa6d7d4498a73254 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip X-Content-Type-Options nosniff Date Tue, 14 Mar 2023 00:12:20 GMT P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Connection keep-alive Content-Length 6589 X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Mon, 24 Oct 2022 17:22:25 GMT ETag "da97682fcde7d81:0" Vary Accept-Encoding Content-Type text/css Cache-Control no-store Accept-Ranges bytes X-Robots-Tag noindex Expires Tue, 14 Mar 2023 00:12:20 GMT
GET H/1.1	200 OK	%7Bc8604310-f703-4114-8ad9-d86aaa409cd4%7D_style_lp_2020_additional.css img.en25.com/Web/SplunkInc/	3 KB 1 KB	278ms 92ms	Stylesheet text/css	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img.en25.com/Web/SplunkInc/%7Bc8604310-f703-4114-8ad9-d86aaa409cd4%7D_style_lp_2020_additional.css Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash 7140ad22c7984782117601ce9c164359adff68b070e692079f950473938ccdbe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip X-Content-Type-Options nosniff Date Tue, 14 Mar 2023 00:12:20 GMT P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Connection keep-alive Content-Length 776 X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Tue, 24 May 2022 13:09:29 GMT ETag "386663806f6fd81:0" Vary Accept-Encoding Content-Type text/css Cache-Control no-store Accept-Ranges bytes X-Robots-Tag noindex Expires Tue, 14 Mar 2023 00:12:20 GMT
GET H/1.1	200 OK	%7Bee53b8d2-3577-41a9-924d-e67b4e8acd00%7D_submitButtonStyle.css img.en25.com/Web/SplunkInc/	348 B 778 B	290ms 101ms	Stylesheet text/css	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img.en25.com/Web/SplunkInc/%7Bee53b8d2-3577-41a9-924d-e67b4e8acd00%7D_submitButtonStyle.css Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash 75afc0ac0524c8394367a5f8c558aa0f2466e594be89fbd2d67ad4f90be66e6a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip X-Content-Type-Options nosniff Date Tue, 14 Mar 2023 00:12:20 GMT P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Connection keep-alive Content-Length 196 X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Thu, 12 May 2022 19:02:31 GMT ETag "df82aed43266d81:0" Vary Accept-Encoding Content-Type text/css Cache-Control no-store Accept-Ranges bytes X-Robots-Tag noindex Expires Tue, 14 Mar 2023 00:12:20 GMT
GET H2	200	jquery-1.12.4.min.js Show response code.jquery.com/	95 KB 33 KB	108ms 29ms	Script application/javascript	2001:4de0:ac18::1:a:2a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-1.12.4.min.js Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Request headers Referer https://events.splunk.com/ Origin https://events.splunk.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:20 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-17b8b" vary Accept-Encoding x-hw 1678752740.dop012.dc2.t,1678752740.cds238.dc2.hn,1678752740.cds207.dc2.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 33738
GET H/1.1	200 OK	%7B19a539b9-3a7f-484c-83f4-f542208cddd4%7D_crmt-form-strings_200618-EN.js Show response img.en25.com/Web/SplunkInc/	1 KB 1006 B	290ms 100ms	Script application/x-javascript	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img.en25.com/Web/SplunkInc/%7B19a539b9-3a7f-484c-83f4-f542208cddd4%7D_crmt-form-strings_200618-EN.js Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash 6e5b1784c20ec25b8dfd23ce10d089a5ec4c5cd527a87030ea617ed39c190455 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip X-Content-Type-Options nosniff Date Tue, 14 Mar 2023 00:12:20 GMT P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Connection keep-alive Content-Length 408 X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Thu, 17 Feb 2022 21:03:31 GMT ETag "8fa9acd14124d81:0" Vary Accept-Encoding Content-Type application/x-javascript Cache-Control no-store Accept-Ranges bytes X-Robots-Tag noindex Expires Tue, 14 Mar 2023 00:12:20 GMT
GET H/1.1	200 OK	%7B96125654-4651-49ca-886d-27933684999e%7D_script-form-2020_final_-_11_11_21_update.js Show response img.en25.com/Web/SplunkInc/	18 KB 5 KB	301ms 108ms	Script application/x-javascript	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img.en25.com/Web/SplunkInc/%7B96125654-4651-49ca-886d-27933684999e%7D_script-form-2020_final_-_11_11_21_update.js Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash 54e752d789aafe467b43bac6c58b58ea32d111a889ea2c9385fd821b93945c86 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip X-Content-Type-Options nosniff Date Tue, 14 Mar 2023 00:12:20 GMT P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Connection keep-alive Content-Length 4266 X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Tue, 30 Nov 2021 05:49:00 GMT ETag "3a6481f9ade5d71:0" Vary Accept-Encoding Content-Type application/x-javascript Cache-Control no-store Accept-Ranges bytes X-Robots-Tag noindex Expires Tue, 14 Mar 2023 00:12:20 GMT
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	26 KB 9 KB	68ms 33ms	Script application/javascript	2606:4700::6813:bc61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e85a649094d881201f7a886c94cd19e72196c761da5017c9269b03b35ca9c5c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 14 Mar 2023 00:12:20 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 XP5ufGIMVAznk1F+pqtwzg== age 5129 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 8618 x-ms-lease-status unlocked last-modified Mon, 13 Mar 2023 03:48:21 GMT server cloudflare etag 0x8DB2375CA38422A vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id ce0ead54-a01e-0132-10dc-55c663000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7a784df2af9aecea-YUL
GET H/1.1	200 OK	%7B57c9aad4-aabf-4161-943b-819580c527ed%7D_querystring_parameters-01Aug2018.js Show response img.en25.com/Web/SplunkInc/	2 KB 1 KB	374ms 95ms	Script application/x-javascript	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img.en25.com/Web/SplunkInc/%7B57c9aad4-aabf-4161-943b-819580c527ed%7D_querystring_parameters-01Aug2018.js Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash 18ebe9bdad62157aa065d81e1395ec746591382b6b663287974e552d46f63274 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip X-Content-Type-Options nosniff Date Tue, 14 Mar 2023 00:12:20 GMT P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Connection keep-alive Content-Length 655 X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Wed, 08 Aug 2018 11:38:55 GMT ETag "743c8e63c2fd41:0" Vary Accept-Encoding Content-Type application/x-javascript Cache-Control no-store Accept-Ranges bytes X-Robots-Tag noindex Expires Tue, 14 Mar 2023 00:12:20 GMT
GET H/1.1	200 OK	%7B651b98aa-198d-4b05-a6ac-a0f2cdd19b08%7D_one_submit.js Show response img.en25.com/Web/SplunkInc/	2 KB 1 KB	370ms 91ms	Script application/x-javascript	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img.en25.com/Web/SplunkInc/%7B651b98aa-198d-4b05-a6ac-a0f2cdd19b08%7D_one_submit.js Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash ca39225d55fb1329f98236ee689af42d5c8f21258b7cfe73640c8f7c21220d63 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip X-Content-Type-Options nosniff Date Tue, 14 Mar 2023 00:12:20 GMT P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Connection keep-alive Content-Length 922 X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Thu, 28 Jan 2016 15:12:17 GMT ETag "feab646de59d11:0" Vary Accept-Encoding Content-Type application/x-javascript Cache-Control no-store Accept-Ranges bytes X-Robots-Tag noindex Expires Tue, 14 Mar 2023 00:12:20 GMT
GET H2	200	bootstrap.min.js Show response stackpath.bootstrapcdn.com/bootstrap/3.4.1/js/	39 KB 12 KB	58ms 24ms	Script application/javascript	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://events.splunk.com/ Origin https://events.splunk.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:20 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 871 age 89690 cdn-cachedat 12/20/2022 09:10:35 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:00 GMT cdn-proxyver 1.03 cdn-requestpullcode 200 server cloudflare etag W/"2f34b630ffe30ba2ff2b91e3f3c322a1" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid fdccd80e5caf6d7f9b7adcc0da3bafd0 timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 7a784df2a96f4bb9-YUL cdn-requestpullsuccess True
GET H/1.1	200 OK	%7B7e5de319-27af-485c-b0b0-c16cacbf63fa%7D_script-lp-2020_2_18_22.js Show response img.en25.com/Web/SplunkInc/	4 KB 2 KB	382ms 94ms	Script application/x-javascript	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img.en25.com/Web/SplunkInc/%7B7e5de319-27af-485c-b0b0-c16cacbf63fa%7D_script-lp-2020_2_18_22.js Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash 7d5df92337c2a6e75e735fbc9a5a1c042f9e6c841b0dd5fb5d14921e9ae8d331 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Unused62 8096267 Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip X-Content-Type-Options nosniff Date Tue, 14 Mar 2023 00:12:20 GMT P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Connection keep-alive Content-Length 1082 X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Sat, 19 Feb 2022 00:16:30 GMT ETag "5dd4b0f12525d81:0" Vary Accept-Encoding Content-Type application/x-javascript Cache-Control no-store Accept-Ranges bytes X-Robots-Tag noindex Expires Tue, 14 Mar 2023 00:12:20 GMT
GET H/1.1	200 OK	%7B0522df68-c290-4b2e-9895-ccd3eb9d2fe7%7D_crs.min11-5-18build.js Show response img.en25.com/Web/SplunkInc/	68 KB 38 KB	387ms 98ms	Script application/x-javascript	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img.en25.com/Web/SplunkInc/%7B0522df68-c290-4b2e-9895-ccd3eb9d2fe7%7D_crs.min11-5-18build.js Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash ee1d06c504be0b79406c94743da4698838f25e51e068d0dceeecdc2a2e488c7f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip X-Content-Type-Options nosniff Date Tue, 14 Mar 2023 00:12:20 GMT P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Connection keep-alive Content-Length 37928 X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Tue, 06 Nov 2018 05:27:50 GMT ETag "cdb86759175d41:0" Vary Accept-Encoding Content-Type application/x-javascript Cache-Control no-store Accept-Ranges bytes X-Robots-Tag noindex Expires Tue, 14 Mar 2023 00:12:20 GMT
GET H/1.1	200 OK	livevalidation_standalone.compressed.js Show response img.en25.com/i/	13 KB 4 KB	394ms 96ms	Script application/x-javascript	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img.en25.com/i/livevalidation_standalone.compressed.js Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash 36ef1cf6246ce3d596a572d7b0e947a7088eefb1af6373f1a0669c9189a6728e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip X-Content-Type-Options nosniff Date Tue, 14 Mar 2023 00:12:20 GMT P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Connection keep-alive Content-Length 3717 X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Wed, 11 Jan 2023 20:34:04 GMT ETag "45e8adbfc25d91:0" Vary Accept-Encoding Content-Type application/x-javascript Cache-Control no-store Accept-Ranges bytes X-Robots-Tag noindex, nofollow Expires Tue, 14 Mar 2023 00:12:20 GMT
GET H2	200	bizible.js Show response cdn.bizible.com/scripts/	83 KB 32 KB	91ms 25ms	Script application/x-javascript	152.199.2.76 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.bizible.com/scripts/bizible.js Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.2.76 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (nyb/1DD2) / Resource Hash f78a1303d22a5f790037b2fed9c39ebfa1ada81972d8baa731f6f0d46ff7518f Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:20 GMT content-encoding gzip last-modified Sun, 12 Mar 2023 11:16:06 GMT server ECS (nyb/1DD2) age 39187 etag "640f39d454d91:0" vary Accept-Encoding x-cache HIT content-type application/x-javascript cache-control max-age=86400 accept-ranges bytes content-length 32326
GET H/1.1	200 OK	%7B22418cbc-7d3c-4da2-bb52-d42bf515f4b3%7D_move-to-top.js Show response img.en25.com/Web/SplunkInc/	561 B 856 B	460ms 92ms	Script application/x-javascript	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img.en25.com/Web/SplunkInc/%7B22418cbc-7d3c-4da2-bb52-d42bf515f4b3%7D_move-to-top.js Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash 209cdfebd5c4a80669ec8c8135abc7be73f3b79f651bd1ec8f4f42a40d56c757 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip X-Content-Type-Options nosniff Date Tue, 14 Mar 2023 00:12:20 GMT P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Connection keep-alive Content-Length 259 X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Mon, 11 Mar 2019 12:12:12 GMT ETag "442dd5a83d8d41:0" Vary Accept-Encoding Content-Type application/x-javascript Cache-Control no-store Accept-Ranges bytes X-Robots-Tag noindex Expires Tue, 14 Mar 2023 00:12:20 GMT
GET H/1.1	200 OK	%7Bc2860ed1-6832-472d-a189-e585f719bd55%7D_lp-splunk-logo.png img.en25.com/EloquaImages/clients/SplunkInc/	2 KB 3 KB	104ms 104ms	Image image/png	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.en25.com/EloquaImages/clients/SplunkInc/%7Bc2860ed1-6832-472d-a189-e585f719bd55%7D_lp-splunk-logo.png Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash 56b9ae4b38839806728d30132175df8c0165174bffd66d91b8f69925ef668ca5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Unused62 8096267 Strict-Transport-Security max-age=31536000; includeSubDomains; preload Date Tue, 14 Mar 2023 00:12:20 GMT X-Content-Type-Options nosniff P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Connection keep-alive Content-Length 2412 X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Tue, 14 Apr 2020 15:23:57 GMT ETag "7d733b77012d61:0" Content-Type image/png Cache-Control no-store Accept-Ranges bytes X-Robots-Tag noindex Expires Tue, 14 Mar 2023 00:12:20 GMT
GET H/1.1	200 OK	%7B467b6802-ce77-4a92-aed8-3d9b3474d26a%7D_Arrow.png img.en25.com/EloquaImages/clients/SplunkInc/	2 KB 2 KB	100ms 96ms	Image image/png	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.en25.com/EloquaImages/clients/SplunkInc/%7B467b6802-ce77-4a92-aed8-3d9b3474d26a%7D_Arrow.png Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash 0211cd110c45f7728d81032c691444f922b223042456c334e5edae5cbb6ebca5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains; preload Date Tue, 14 Mar 2023 00:12:20 GMT X-Content-Type-Options nosniff Last-Modified Mon, 04 Mar 2019 17:18:09 GMT ETag "f344563daed2d41:0" P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Content-Type image/png Cache-Control no-store Connection keep-alive Accept-Ranges bytes X-Robots-Tag noindex Content-Length 1662 X-XSS-Protection 1; mode=block Expires Tue, 14 Mar 2023 00:12:20 GMT
GET H/1.1	200 OK	%7Bf89400df-1efe-4452-a2ee-45aa2f3b2ae4%7D_FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB_130855_Security-3.png img.en25.com/EloquaImages/clients/SplunkInc/	54 KB 54 KB	517ms 513ms	Image image/png	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.en25.com/EloquaImages/clients/SplunkInc/%7Bf89400df-1efe-4452-a2ee-45aa2f3b2ae4%7D_FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB_130855_Security-3.png Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash 91ad8e7bdcd47a008b6b10b386c2f3b69d17df5dab9f19b6892d9c25c521a99a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains; preload Date Tue, 14 Mar 2023 00:12:21 GMT X-Content-Type-Options nosniff Last-Modified Tue, 28 Feb 2023 13:09:26 GMT ETag "612c58e2754bd91:0" P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Content-Type image/png Cache-Control no-store Connection keep-alive Accept-Ranges bytes X-Robots-Tag noindex Content-Length 55181 X-XSS-Protection 1; mode=block Expires Tue, 14 Mar 2023 00:12:21 GMT
GET H/1.1	200 OK	%7B88f689f9-c0b8-4575-9229-18540957d718%7D_FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB_130855_marquis.png img.en25.com/EloquaImages/clients/SplunkInc/	88 KB 89 KB	412ms 407ms	Image image/png	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.en25.com/EloquaImages/clients/SplunkInc/%7B88f689f9-c0b8-4575-9229-18540957d718%7D_FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB_130855_marquis.png Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash 390d088284ef33eceab2763362788758e700c1ef4a7bc01c55d61d703e6aad86 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains; preload Date Tue, 14 Mar 2023 00:12:21 GMT X-Content-Type-Options nosniff Last-Modified Tue, 28 Feb 2023 17:04:59 GMT ETag "8c1d56ca964bd91:0" P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Content-Type image/png Cache-Control no-store Connection keep-alive Accept-Ranges bytes X-Robots-Tag noindex Content-Length 90301 X-XSS-Protection 1; mode=block Expires Tue, 14 Mar 2023 00:12:21 GMT
GET H/1.1	200 OK	%7B1b77fb9d-0f1c-4e9c-a007-0f288b13e919%7D_FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB_130855_Olivia.png img.en25.com/EloquaImages/clients/SplunkInc/	136 KB 136 KB	398ms 395ms	Image image/png	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.en25.com/EloquaImages/clients/SplunkInc/%7B1b77fb9d-0f1c-4e9c-a007-0f288b13e919%7D_FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB_130855_Olivia.png Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash 61a84de5bd59187798752f894733ededdee0fff2fe9987a07e33052bb1299a18 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains; preload Date Tue, 14 Mar 2023 00:12:21 GMT X-Content-Type-Options nosniff Last-Modified Tue, 28 Feb 2023 17:05:01 GMT ETag "dedb5fcb964bd91:0" P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Content-Type image/png Cache-Control no-store Connection keep-alive Accept-Ranges bytes X-Robots-Tag noindex Content-Length 138956 X-XSS-Protection 1; mode=block Expires Tue, 14 Mar 2023 00:12:21 GMT
GET H/1.1	200 OK	%7Be9588963-1d22-435c-8dc1-9a133fb4fdce%7D_fb.png img.en25.com/EloquaImages/clients/SplunkInc/	238 B 774 B	98ms 95ms	Image image/png	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.en25.com/EloquaImages/clients/SplunkInc/%7Be9588963-1d22-435c-8dc1-9a133fb4fdce%7D_fb.png Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash 54f746f34aede748df2339a8d8ead0b63c923c4556ca8c571d87f7e87bf79daa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains; preload Date Tue, 14 Mar 2023 00:12:20 GMT X-Content-Type-Options nosniff Last-Modified Fri, 01 May 2020 14:26:25 GMT ETag "99ab9b7ec41fd61:0" P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Content-Type image/png Cache-Control no-store Connection keep-alive Accept-Ranges bytes X-Robots-Tag noindex Content-Length 238 X-XSS-Protection 1; mode=block Expires Tue, 14 Mar 2023 00:12:20 GMT
GET H/1.1	200 OK	%7B60e51f68-a39f-4354-a788-b44f60d7fd39%7D_instagram.png img.en25.com/EloquaImages/clients/SplunkInc/	416 B 951 B	98ms 97ms	Image image/png	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.en25.com/EloquaImages/clients/SplunkInc/%7B60e51f68-a39f-4354-a788-b44f60d7fd39%7D_instagram.png Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash 0cfb01c59089b6e8884979e7000714cca38deffa7ab26109c694a55ce73e44f9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains; preload Date Tue, 14 Mar 2023 00:12:20 GMT X-Content-Type-Options nosniff Last-Modified Mon, 18 May 2020 16:52:58 GMT ETag "67dd9c8342dd61:0" P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Content-Type image/png Cache-Control no-store Connection keep-alive Accept-Ranges bytes X-Robots-Tag noindex Content-Length 416 X-XSS-Protection 1; mode=block Expires Tue, 14 Mar 2023 00:12:20 GMT
GET H/1.1	200 OK	%7Be41b4de4-03a0-4aee-8617-6f9079f83190%7D_in.png img.en25.com/EloquaImages/clients/SplunkInc/	305 B 860 B	91ms 91ms	Image image/png	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.en25.com/EloquaImages/clients/SplunkInc/%7Be41b4de4-03a0-4aee-8617-6f9079f83190%7D_in.png Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash 718101d7a02bf9d05e6607fdf87b99d90bc9193f97590ba69eab4ad87f8b2485 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Unused62 8096267 Strict-Transport-Security max-age=31536000; includeSubDomains; preload Date Tue, 14 Mar 2023 00:12:20 GMT X-Content-Type-Options nosniff P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Connection keep-alive Content-Length 305 X-XSS-Protection 1; mode=block Pragma no-cache Last-Modified Fri, 01 May 2020 14:26:25 GMT ETag "99ab9b7ec41fd61:0" Content-Type image/png Cache-Control no-store Accept-Ranges bytes X-Robots-Tag noindex Expires Tue, 14 Mar 2023 00:12:20 GMT
GET H/1.1	200 OK	%7B22d85331-213f-4ed7-b4c8-cafe0b9bc236%7D_tw.png img.en25.com/EloquaImages/clients/SplunkInc/	315 B 851 B	92ms 90ms	Image image/png	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.en25.com/EloquaImages/clients/SplunkInc/%7B22d85331-213f-4ed7-b4c8-cafe0b9bc236%7D_tw.png Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash 5ed5fcce46bb4fd8a28b61d36cf60873c102829299f6f5576d799e0366509716 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains; preload Date Tue, 14 Mar 2023 00:12:20 GMT X-Content-Type-Options nosniff Last-Modified Fri, 01 May 2020 14:26:25 GMT ETag "99ab9b7ec41fd61:0" P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Content-Type image/png Cache-Control no-store Connection keep-alive Accept-Ranges bytes X-Robots-Tag noindex Content-Length 315 X-XSS-Protection 1; mode=block Expires Tue, 14 Mar 2023 00:12:20 GMT
GET H/1.1	200 OK	%7Bdf143b54-578b-4534-b8fa-2f9be627da3f%7D_yt.png img.en25.com/EloquaImages/clients/SplunkInc/	312 B 848 B	92ms 91ms	Image image/png	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.en25.com/EloquaImages/clients/SplunkInc/%7Bdf143b54-578b-4534-b8fa-2f9be627da3f%7D_yt.png Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash ea77ea1df7794b630ff8be882c7af3373b04182981955646f6842fbf6ee36d4c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains; preload Date Tue, 14 Mar 2023 00:12:20 GMT X-Content-Type-Options nosniff Last-Modified Fri, 01 May 2020 14:26:25 GMT ETag "99ab9b7ec41fd61:0" P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Content-Type image/png Cache-Control no-store Connection keep-alive Accept-Ranges bytes X-Robots-Tag noindex Content-Length 312 X-XSS-Protection 1; mode=block Expires Tue, 14 Mar 2023 00:12:20 GMT
GET H/1.1	200 OK	svrGP s1528.t.eloqua.com/visitor/v200/	0 398 B	67ms 65ms	Image image/gif	142.0.173.31 NETDYNAMICS
General Check archive.org Show headers Download Go to Show image Full URL https://s1528.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=1528&PURLSiteID=4&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=10690&PURLRecordID=0&PURLGUID=00000000000000000000000000000000&UseRelativePath=True&elq={00000000-0000-0000-0000-000000000000}&firstPartyCookieDomain=events.splunk.com&elqGUID=00000000-0000-0000-0000-000000000000&elq_ck=0&utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 142.0.173.31 Toronto, Canada, ASN7160 (NETDYNAMICS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains; preload Date Tue, 14 Mar 2023 00:12:20 GMT X-Content-Type-Options nosniff Content-Type image/gif P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Cache-Control no-store X-Robots-Tag noindex, nofollow Content-Length 0 X-Xss-Protection 1; mode=block Expires -1
GET H2	200	dc7864a0-d3d2-42c1-8cf4-a846549d33bb.json Show response cdn.cookielaw.org/consent/dc7864a0-d3d2-42c1-8cf4-a846549d33bb/	4 KB 2 KB	47ms 23ms	XHR application/x-javascript	2606:4700::6813:bc61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/dc7864a0-d3d2-42c1-8cf4-a846549d33bb/dc7864a0-d3d2-42c1-8cf4-a846549d33bb.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 58bb74829eeebc585d628c36f08d52345386c3c7c222e10c168d6f9796eae1a2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 14 Mar 2023 00:12:20 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 foqmwwwdqjuZ9Ke6pLOBqA== age 79853 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 1596 x-ms-lease-status unlocked last-modified Mon, 14 Nov 2022 18:22:35 GMT server cloudflare etag 0x8DAC66D34363FAC vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 49ca3139-201e-008d-14b6-4a9440000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7a784df57b7c33f1-YUL expires Wed, 15 Mar 2023 00:12:20 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	519 KB 127 KB	123ms 47ms	Script application/javascript	2607:f8b0:4006:822::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2008 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8f58535947047e3d6b5251223b09a44b534482dfce31a4d8c2a8db36bc5a8e0f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:20 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 129809 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 14 Mar 2023 00:12:20 GMT
GET H/1.1	200 OK	%7B2ff3b8db-428b-452c-96ce-78e2dc4e7740%7D_21-Splunk-Email_and_LP_Headers-bar-icon-TEMPLATE-112_1600x270-v1.jpg img.en25.com/EloquaImages/clients/SplunkInc/	40 KB 41 KB	168ms 113ms	Image image/jpeg	173.222.13.101 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.en25.com/EloquaImages/clients/SplunkInc/%7B2ff3b8db-428b-452c-96ce-78e2dc4e7740%7D_21-Splunk-Email_and_LP_Headers-bar-icon-TEMPLATE-112_1600x270-v1.jpg Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 173.222.13.101 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a173-222-13-101.deploy.static.akamaitechnologies.com Software / Resource Hash fb169edc03132aa2fdae0266be6cccea74a8f16b56f854e0ad81584757ed270b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains; preload Date Tue, 14 Mar 2023 00:12:20 GMT X-Content-Type-Options nosniff Last-Modified Mon, 27 Dec 2021 15:42:20 GMT ETag "aaf8c5538fbd71:0" P3P CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA", Content-Type image/jpeg Cache-Control no-store Connection keep-alive Accept-Ranges bytes X-Robots-Tag noindex Content-Length 41182 X-XSS-Protection 1; mode=block Expires Tue, 14 Mar 2023 00:12:20 GMT
GET DATA	200 OK	truncated /	119 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3abb9c51b30aa2f09fe1c74f5ae5dd176efb43bb451e67e34943e7e77f13e1ad Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	21 KB 21 KB		Font application/x-font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash aa6b8c0d433eb522e39d9a179e360a6eb5980c9f3addb3e80ad4fffee9e736b8 Request headers Referer Origin https://events.splunk.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type application/x-font-woff2;charset=utf-8
GET DATA	200 OK	truncated /	20 KB 20 KB		Font application/x-font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 81406743991f669003544635208cddc5ab38874529b1c425fb60ceb02e8f1218 Request headers Referer Origin https://events.splunk.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type application/x-font-woff2;charset=utf-8
GET DATA	200 OK	truncated /	21 KB 21 KB		Font application/x-font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d707ba511936ff11eb80a227510ad8e82667fce06d11a9cdb0b1f00b56be0798 Request headers Referer Origin https://events.splunk.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type application/x-font-woff2;charset=utf-8
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	67 B 305 B	98ms 45ms	XHR application/json	2606:4700:4400::6812:2b9e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66707b7434e14fc523f2fc692e4a190958a02598dd3d9c45ec0f65f90091727b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept application/json Referer https://events.splunk.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:20 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * cf-ray 7a784df63e6b7139-YUL access-control-allow-headers Content-Type
GET H2	200	ipv cdn.bizible.com/m/	43 B 305 B	19ms 15ms	Image image/gif	152.199.2.76 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=95487f7842bd4a3383a5b0293eb174e6&_biz_s=11b4c7&_biz_l=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&_biz_t=1678752740843&_biz_i=Rapid%20Detection%20and%20Incident%20Scoping%20with%20Splunk%20Enterprise%20Security%207.1%20%7C%20Virtual%20Event%20%7C%20Splunk&_biz_n=0&rnd=56473&cdn_o=a&_biz_z=1678752740847 Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.2.76 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (nyb/1D07) / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 14 Mar 2023 00:12:20 GMT last-modified Sun, 12 Mar 2023 13:19:12 GMT server ECS (nyb/1D07) age 125588 x-cache HIT p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type Image/GIF cache-control no-cache, no-store accept-ranges bytes content-length 43 expires -1
GET H2	200	u cdn.bizibly.com/	43 B 203 B	24ms 19ms	Image image/gif	152.199.2.76 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bizibly.com/u?_biz_u=95487f7842bd4a3383a5b0293eb174e6&_biz_s=11b4c7&_biz_l=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&_biz_t=1678752740851&_biz_i=Rapid%20Detection%20and%20Incident%20Scoping%20with%20Splunk%20Enterprise%20Security%207.1%20%7C%20Virtual%20Event%20%7C%20Splunk&rnd=616983&cdn_o=a&_biz_z=1678752740851 Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.2.76 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (nyb/1D33) / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 14 Mar 2023 00:12:20 GMT last-modified Sun, 12 Mar 2023 20:10:05 GMT server ECS (nyb/1D33) age 100935 x-cache HIT p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type Image/GIF cache-control no-cache, no-store accept-ranges bytes content-length 43 expires -1
GET H2	200	xdc.js Show response cdn.bizible.com/	116 B 524 B	49ms 46ms	Script text/javascript	152.199.2.76 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.bizible.com/xdc.js?_biz_u=95487f7842bd4a3383a5b0293eb174e6&_biz_h=-1906410348&cdn_o=a&jsVer=4.23.03.09 Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.2.76 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (nyb/1D31) / Resource Hash 770931c5e3882aa71f2b623cca7a48bd3e946560988478aa140c8674dc085662 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:20 GMT content-encoding gzip server ECS (nyb/1D31) etag C00D3DFB vary Accept-Encoding p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-type text/javascript; charset=utf-8 cache-control private, must-revalidate, max-age=21600 content-length 219
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/202210.1.0/	381 KB 91 KB	29ms 26ms	Script application/javascript	2606:4700::6813:bc61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 14 Mar 2023 00:12:20 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 DjzI+HdyHvhC2OCs+qd+pw== age 4916 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 93164 x-ms-lease-status unlocked last-modified Fri, 16 Dec 2022 04:11:44 GMT server cloudflare etag 0x8DADF1BA4D9E9D9 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id ec1cb272-b01e-00e5-6eab-4aca11000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7a784df68c87ecea-YUL
GET H2	200	en.json Show response cdn.cookielaw.org/consent/dc7864a0-d3d2-42c1-8cf4-a846549d33bb/5f7c287b-8415-4d61-8356-3c7be00aa27e/	53 KB 11 KB	32ms 32ms	Fetch application/x-javascript	2606:4700::6813:bc61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/dc7864a0-d3d2-42c1-8cf4-a846549d33bb/5f7c287b-8415-4d61-8356-3c7be00aa27e/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c410092558f5c58388ff42bb28ab0358c398c1ab87b39a6b7225ce769d565f2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 14 Mar 2023 00:12:20 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 jK7FODzLvlOtTpgEEuXRNQ== age 79852 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 11075 x-ms-lease-status unlocked last-modified Mon, 14 Nov 2022 18:22:40 GMT server cloudflare etag 0x8DAC66D36FD1252 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id b499742b-201e-00c9-46a5-4a482c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7a784df70e8033f1-YUL expires Wed, 15 Mar 2023 00:12:20 GMT
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/202210.1.0/assets/	13 KB 3 KB	42ms 39ms	Fetch application/json	2606:4700::6813:bc61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otFlat.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 14 Mar 2023 00:12:21 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 JuDKxv1jf1Hw0JXasvCaSg== age 79853 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 3007 x-ms-lease-status unlocked last-modified Fri, 16 Dec 2022 04:11:35 GMT server cloudflare etag 0x8DADF1B9F221620 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id d4e4a9a3-301e-0092-7bbf-524f50000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7a784df77f3933f1-YUL
GET H2	200	otPcTab.json Show response cdn.cookielaw.org/scripttemplates/202210.1.0/assets/v2/	62 KB 13 KB	33ms 29ms	Fetch application/json	2606:4700::6813:bc61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/v2/otPcTab.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 67e40afea590dbd487bf12f6ceaa5c16e606cbec9268c64b69a371d5fb3cc09b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 14 Mar 2023 00:12:21 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 cWUYtlJNLE0cQ+nS16W3mQ== age 79853 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 13271 x-ms-lease-status unlocked last-modified Fri, 16 Dec 2022 04:11:38 GMT server cloudflare etag 0x8DADF1BA0C0E16F vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 866c49f3-901e-015c-1ad2-226f4a000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7a784df77f3a33f1-YUL
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/202210.1.0/assets/	21 KB 4 KB	43ms 40ms	Fetch text/css	2606:4700::6813:bc61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otCommonStyles.css Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 087d847ee64707e372f572145600ecbcb13f2dd2382fd8962326f2fed03dd85d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 14 Mar 2023 00:12:21 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 oQsmwuIlJWH4cKDxpI1ltA== age 79853 x-ms-lease-status unlocked last-modified Fri, 16 Dec 2022 04:11:48 GMT server cloudflare vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id 5555cf76-101e-002f-7dd2-2259dc000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 7a784df77f3c33f1-YUL
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	128ms 13ms	Script text/javascript	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 14 Mar 2023 00:12:06 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 15 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Tue, 14 Mar 2023 02:12:06 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	13 KB 5 KB	135ms 22ms	Script application/x-javascript	2600:1400:d::17db:5c72 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d::17db:5c72 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:21 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 10 Jan 2023 17:22:56 GMT x-cdn AKAM vary Accept-Encoding content-type application/x-javascript;charset=utf-8 cache-control max-age=25528 accept-ranges bytes content-length 4777
GET H2	200	bat.js Show response bat.bing.com/	40 KB 12 KB	155ms 42ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Tue, 14 Mar 2023 00:12:21 GMT last-modified Thu, 16 Feb 2023 18:31:53 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 3EA4D566C0C94188B9EFAC282149DC15 Ref B: YMQ01EDGE0619 Ref C: 2023-03-14T00:12:21Z etag "8072cff03442d91:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 11894
GET H2	200	tfa.js Show response cdn.taboola.com/libtrc/unip/1341559/	58 KB 18 KB	130ms 23ms	Script application/javascript	151.101.193.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/unip/1341559/tfa.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash dff81ec466215ad7954cd5a58f758f4efe92991f84098969b3d06787dbd39cd1 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-amz-version-id sKUkUzHTnpO3GUr_T2E91sL9yO5dmYA. content-encoding gzip via 1.1 varnish date Tue, 14 Mar 2023 00:12:21 GMT x-amz-request-id 59M9W8D4KWD8BMJY age 6 x-amz-server-side-encryption AES256 x-cache HIT x-amz-replication-status COMPLETED content-length 18160 x-amz-id-2 J7MTrPlOqBVsRCLYfuBXQzd+QBR2KQFmC0shgy+RmGDWtupm7lY2lR66GZjgej5LoCa6+5hTllU= x-served-by cache-yyz4566-YYZ last-modified Sun, 12 Mar 2023 11:04:02 GMT server AmazonS3 x-timer S1678752741.182824,VS0,VE1 etag "908661ece2f3d02cf44ab13c805a3ca8" vary Accept-Encoding content-type application/javascript; charset=utf-8 abp 14 access-control-allow-origin * cache-control private,max-age=14401 accept-ranges bytes x-cache-hits 1
GET H2	200	pixel.js Show response www.redditstatic.com/ads/	23 KB 8 KB	125ms 21ms	Script application/javascript	2a04:4e42:600::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/pixel.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:21 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish last-modified Mon, 23 Jan 2023 21:56:14 GMT server snooserv nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} etag "03d5db9dfd00a5719bb4c9261e6fa1bb" vary Accept-Encoding,Origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]} content-type application/javascript cache-control public, max-age=60 accept-ranges bytes content-length 7356
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	107 KB 28 KB	289ms 54ms	Script application/x-javascript	2a03:2880:f07d:0:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 14 Mar 2023 00:12:21 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27907 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug dl57qxqN9+f5bB6X2QLdHIvLsSGc4S6Ruc35lLLxs/5M+FwKTW2Ikvg9TCioIsfwGqJKsX0qOI7waQHISDPBig== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 1679558926 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	up_loader.1.1.0.js Show response js.adsrvr.org/	4 KB 2 KB	185ms 19ms	Script application/x-javascript	143.204.138.162 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.adsrvr.org/up_loader.1.1.0.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.138.162 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-138-162.ewr52.r.cloudfront.net Software AmazonS3 / Resource Hash ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Mon, 13 Mar 2023 00:26:37 GMT Content-Encoding gzip Via 1.1 c9b8615e0529e4075f3b458a6fe96d44.cloudfront.net (CloudFront) Last-Modified Thu, 24 Sep 2020 15:15:34 GMT Server AmazonS3 X-Amz-Cf-Pop EWR52-C2 Age 85545 ETag W/"98d98b3499058b76d58073cf8ede2f10" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/x-javascript X-Cache Hit from cloudfront Connection keep-alive X-Amz-Cf-Id hqERxyvpCQKM98aOCuIUEkslERlsJJsXbHdcX4HuwfXgSTgZ0sAfgQ==
GET H2	200	cs.js Show response tm.vendemore.com/cs/32fde63c-3af6-4cd0-a131-51e4701d5575/v2/	408 B 562 B	423ms 95ms	Script application/javascript	3.121.48.255 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tm.vendemore.com/cs/32fde63c-3af6-4cd0-a131-51e4701d5575/v2/cs.js?c=1678752741093 Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.121.48.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-121-48-255.eu-central-1.compute.amazonaws.com Software / Resource Hash 6bd6f89b1e7f7eef3650d12eb6b8b0b9a839034f1917cccfafb5d22f549d5529 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:21 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip access-control-max-age 3600 vary Accept-Encoding access-control-allow-methods POST, PUT, GET, OPTIONS, DELETE access-control-allow-origin * content-type application/javascript;charset=utf-8 access-control-allow-headers Authorization, Content-Type, username, password
GET H2	200	lp.js Show response metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/	6 KB 6 KB	129ms 32ms	Script application/x-javascript	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://metadata-static-files.sfo2.cdn.digitaloceanspaces.com/pixel/lp.js Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software / Resource Hash 10261b710e399a8cee22c8ff4118167d91ac58254f5bf0291036d2219dd5cf25 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:21 GMT strict-transport-security max-age=15552000; includeSubDomains; preload last-modified Thu, 22 Sep 2022 17:10:43 GMT x-amz-request-id tx00000000000007577ae02-00640a133e-4a0466ab-sfo2a etag "9a8767fa98da937fb02cdbbc52a101bb" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin x-hw 1678752741.dop202.dc2.t,1678752741.cds002.dc2.hn,1678752741.cds041.dc2.c content-type application/x-javascript cache-control max-age=233945 x-rgw-object-type Normal accept-ranges bytes content-length 5776
GET H2	200	6si.min.js Show response j.6sc.co/	33 KB 11 KB	134ms 29ms	Script application/javascript	23.39.229.72 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://j.6sc.co/6si.min.js Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.39.229.72 Philadelphia, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-39-229-72.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash 0d9dbf31d05263a24eb79aaf7c6e26917c6ccd31b642bb4a1d34292e25daa405 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 14 Mar 2023 00:12:21 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 09 Mar 2023 21:36:45 GMT server nginx/1.14.0 (Ubuntu) etag "640a516d-8319" vary Accept-Encoding content-type application/javascript cache-control private, no-cache, proxy-revalidate accept-ranges bytes content-length 10492 expires Tue, 14 Mar 2023 00:12:21 GMT
GET H2	200	rz5la3FlMSNo3OYdIkfj Show response ws.zoominfo.com/pixel/	2 KB 2 KB	266ms 174ms	Script text/javascript	2606:4700::6810:a852 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/pixel/rz5la3FlMSNo3OYdIkfj Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash f6a9a561a1e4d1c0acfa40febfe58e75a0728e8fd4809bac9ca41ab1f1ba8cb4 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:21 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 google server cloudflare x-powered-by Express vary Accept-Encoding content-type text/javascript access-control-allow-origin * access-control-allow-credentials true cf-ray 7a784df94c5f33ee-YUL access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	obtp.js Show response amplify.outbrain.com/cp/	17 KB 6 KB	127ms 32ms	Script application/x-javascript	23.197.181.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://amplify.outbrain.com/cp/obtp.js Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.197.181.111 Billerica, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-197-181-111.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 3c4aacb974ed3d0a3d1f57bebc8d97897ce027b0751a5f0da9ee697a825c2f1a Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Tue, 14 Mar 2023 00:12:21 GMT Content-Encoding gzip Last-Modified Thu, 02 Feb 2023 09:48:30 GMT Server AkamaiNetStorage ETag "b07048fb19f7c325242e254218118e14:1675339769.124179" Vary Accept-Encoding Content-Type application/x-javascript X-RG NA Cache-Control max-age=1200 X-CC CA Connection keep-alive Accept-Ranges bytes Content-Length 5911 Expires Tue, 14 Mar 2023 00:32:21 GMT
GET H2	200	alloy.min.js Show response cdn1.adoberesources.net/alloy/2.6.4/	70 KB 20 KB	212ms 32ms	Script application/x-javascript	2600:1418:a000:296::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn1.adoberesources.net/alloy/2.6.4/alloy.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1418:a000:296::1e80 Eden Prairie, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Akamai Resource Optimizer / Resource Hash d42d86b25af8cc91bada9c95f06d5d2c738163b2bd32873361ca42c3f60fae8c Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:21 GMT content-encoding br strict-transport-security max-age=86400 ; includeSubDomains last-modified Tue, 18 Jan 2022 00:30:03 GMT server Akamai Resource Optimizer etag "787f60672bffd0cf1097551d3e8402f0:1631031601.918846" vary Accept-Encoding content-type application/x-javascript cache-control max-age=3600 accept-ranges bytes content-length 20183 expires Tue, 14 Mar 2023 01:12:21 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	209 KB 73 KB	112ms 39ms	Script application/javascript	2607:f8b0:4006:822::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-5EPM2P39FV&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2008 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 606817488d258fccf99a282f81b78099ff0cd620b81d0cd64d98a3619f19d62d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:21 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 74874 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 14 Mar 2023 00:12:21 GMT
GET H2	200	ot_logo.png cdn.cookielaw.org/logos/static/	13 KB 13 KB	53ms 35ms	Image image/png	2606:4700::6813:bc61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/ot_logo.png Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61e7a7943f7444e87b2af6295044b34292a537a23dd3d9436886e3a2ccf620ca Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 14 Mar 2023 00:12:21 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-md5 8WyO+79CLtcTX81zrcTfgg== age 7654 content-length 13077 x-ms-lease-status unlocked last-modified Mon, 13 Mar 2023 03:48:29 GMT server cloudflare etag 0x8DB2375CED3EA03 vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id f4055ab3-a01e-00be-576b-55cd6d000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7a784df86f1cecea-YUL
GET H2	200	poweredBy_ot_logo.svg cdn.cookielaw.org/logos/static/	3 KB 2 KB	66ms 48ms	Image image/svg+xml	2606:4700::6813:bc61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 14 Mar 2023 00:12:21 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 LpuayL42jB78xRllx0vkOw== age 43571 x-ms-lease-status unlocked last-modified Fri, 10 Mar 2023 03:55:16 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 967c8755-b01e-0169-3f67-53c11f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 7a784df86f20ecea-YUL
GET H2	200	rp.gif alb.reddit.com/	42 B 157 B	119ms 17ms	Image image/gif	151.101.193.140 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://alb.reddit.com/rp.gif?ts=1678752741220&id=t2_4moesf6e&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=04f21d5a-2578-406e-bcb4-610fcea60393&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4 Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.140 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:21 GMT via 1.1 varnish server Varnish content-type image/gif cross-origin-resource-policy cross-origin accept-ranges bytes content-length 42 retry-after 0
GET H2	200	token Show response cdn.linkedin.oribi.io/partner/66727/domain/events.splunk.com/	36 B 376 B	117ms 18ms	XHR application/json	2600:9000:21ec:ee00:2:53b2:240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.linkedin.oribi.io/partner/66727/domain/events.splunk.com/token Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ec:ee00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89 Request headers Accept * Referer https://events.splunk.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Mon, 13 Mar 2023 23:54:48 GMT content-encoding gzip via 1.1 2e87071abfb43f80383677f0ef761e82.cloudfront.net (CloudFront) x-amz-cf-pop JFK51-C1 age 1053 vary accept-encoding x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control public, max-age=3600 x-amz-cf-id 1vwHGErZF-851qGWN7lrYxo8gDomTWC6Mr0Z9Ng8afOVaXjQ1VeL-w==
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1678752741231&url=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1678752741231&url=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3... https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D66727%26time%3D1678752741231%26url%3Dhttps%253A%252F%252Fevents.splunk.com%252FRa... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1678752741231&url=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3... https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1678752741231&url=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%...	0 488 B	87ms 48ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1678752741231&url=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&cookiesTest=true&liSync=true&e_ipv6=AQJKM3U8miwXCgAAAYbddflHDkS6u1ex1RcqiMJYN9DTrJADXf7j4ne0VxPVnagHXnb-6Gx7 Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:20 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 887DDF98EE534619B121A8C765C7369D Ref B: YMQ01EDGE0617 Ref C: 2023-03-14T00:12:21Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lva1 x-li-proto http/2 content-length 0 x-li-uuid AAX20RTW8loQDTdYSELPXw== Redirect headers date Tue, 14 Mar 2023 00:12:21 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: F4D78C9799F246BCBC71C5698746E06B Ref B: YMQ01EDGE0609 Ref C: 2023-03-14T00:12:21Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=66727&time=1678752741231&url=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&cookiesTest=true&liSync=true&e_ipv6=AQJKM3U8miwXCgAAAYbddflHDkS6u1ex1RcqiMJYN9DTrJADXf7j4ne0VxPVnagHXnb-6Gx7 x-li-proto http/2 content-length 0 x-li-uuid AAX20RTVo3/rm1WULFqLlQ==
GET H2	200	linkid.js Show response www.google-analytics.com/plugins/ua/	2 KB 1 KB	38ms 12ms	Script text/javascript	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Mon, 13 Mar 2023 23:53:04 GMT content-encoding gzip x-content-type-options nosniff age 1157 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 859 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Tue, 14 Mar 2023 00:53:04 GMT
GET H2	200	json Show response trc.taboola.com/1341559/trc/3/	3 KB 2 KB	88ms 45ms	Script application/javascript	151.101.193.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/1341559/trc/3/json?tim=1678752741274&data=%7B%22id%22%3A988%2C%22ii%22%3A%22%2Frapid-detection-and-incident-scoping-with-splunk-enterprise-security%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1678752741253%2C%22cv%22%3A%2220230312-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dsplunk-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1678752741272%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1%22%2C%22tos%22%3A3%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1341559/tfa.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 747362646e2fa19a302c89b675b225890da961e44e9cce3c410484032ebb3099 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-vcl-time-ms 30 date Tue, 14 Mar 2023 00:12:21 GMT content-encoding gzip via 1.1 varnish x-served-by cache-yyz4566-YYZ server nginx x-timer S1678752741.441632,VS0,VE30 vary Accept-Encoding x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin * content-type application/javascript; charset=utf-8 access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	200	5962822.js Show response bat.bing.com/p/action/	4 KB 2 KB	181ms 144ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/5962822.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash d621f68c482001b9d419f9752909f33ddece544bde0f6c4291208ac16fd74f33 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Tue, 14 Mar 2023 00:12:21 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 17CD073619B748C4A5469030C23B539C Ref B: YMQ01EDGE0619 Ref C: 2023-03-14T00:12:21Z vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript; charset=utf-8 cache-control private,max-age=60 content-length 1496
GET H2	204	0 bat.bing.com/action/	0 359 B	56ms 37ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=5962822&tm=gtm002&Ver=2&mid=1e756009-21d4-4a76-9cf5-04133701623b&sid=e39cf290c1fc11edb54ba5851da59ff6&vid=e39e8db0c1fc11eda6ee8969c1011cea&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Rapid%20Detection%20and%20Incident%20Scoping%20with%20Splunk%20Enterprise%20Security%207.1%20%7C%20Virtual%20Event%20%7C%20Splunk&kw=Cybersecurity,%20Security,%20Cloud%20Security,%20Detections,%20Cyberthreat,%20Mitre%20Attack,%20SIEM,%20Analytics&p=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&r=&lt=1678&evt=pageLoad&sv=1&rn=287591 Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 14 Mar 2023 00:12:21 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 8CC8F14E621E4A54A223A6B34065501B Ref B: YMQ01EDGE0619 Ref C: 2023-03-14T00:12:21Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	destination Show response www.googletagmanager.com/gtag/	191 KB 69 KB	69ms 66ms	Script application/javascript	2607:f8b0:4006:822::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=G-8Q6D4RLYQL&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5EPM2P39FV&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:822::2008 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 2a1e7d1ac702d29b4765cb56ceefeded24360ba0171dc096c09a44b683e4e4e8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:21 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 70997 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 14 Mar 2023 00:12:21 GMT
GET H2	200	collect Show response sgtm.splunk.com/g/	65 B 358 B	317ms 107ms	XHR text/plain	2600:1901:0:a57b:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://sgtm.splunk.com/g/collect?v=2&tid=G-5EPM2P39FV&gtm=45je3360&_p=16326993&_gaz=1&cid=19398969.1678752741&ul=en-us&sr=1600x1200&_fplc=0&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&sst.uc=CA&_s=1&sid=1678752741&sct=1&seg=0&dl=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&dt=Rapid%20Detection%20and%20Incident%20Scoping%20with%20Splunk%20Enterprise%20Security%207.1%20%7C%20Virtual%20Event%20%7C%20Splunk&en=page_view&_fv=1&_ss=1&ep.cookieDomain=auto&ep.allowLinker=true&ep.gtm_tag_name=sGTM%20GA4%20-%20Page%20View&ep.gtm_settings=GTM-TPV7TP%20%7C%20596%20%7C%20&ep.hit_timestamp=2023-03-14T00%3A12%3A21.70%2B00%3A00&richsstsse Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:a57b:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:21 GMT via 1.1 google x-content-type-options nosniff server Google Frontend content-type text/plain access-control-allow-origin https://events.splunk.com cache-control no-cache access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-accel-buffering no
POST H2	204	collect stats.g.doubleclick.net/g/	0 255 B	145ms 8ms	Ping text/plain	2607:f8b0:4004:c1b::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5EPM2P39FV&cid=19398969.1678752741&gtm=45je3360&aip=1 Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 14 Mar 2023 00:12:21 GMT server Golfe2 content-type text/plain access-control-allow-origin https://events.splunk.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.ca/ads/	42 B 408 B	190ms 36ms	Image image/gif	2607:f8b0:4006:81e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5EPM2P39FV&cid=19398969.1678752741&gtm=45je3360&aip=1&z=163603588 Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 14 Mar 2023 00:12:21 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect www.google-analytics.com/	35 B 55 B	74ms 39ms	Ping image/gif	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/collect Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://events.splunk.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Tue, 14 Mar 2023 00:12:21 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin https://events.splunk.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 151 B	179ms 9ms	XHR text/plain	2607:f8b0:4004:c1b::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-399680-1&cid=19398969.1678752741&jid=399953415&gjid=478891013&_gid=694230764.1678752741&_u=aGBAiUAjBAAAAEAFK~&z=966190437 Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://events.splunk.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Tue, 14 Mar 2023 00:12:21 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://events.splunk.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	getuidj Show response secure.adnxs.com/	11 B 821 B	144ms 30ms	XHR application/json	68.67.160.184 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://secure.adnxs.com/getuidj Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.160.184 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash 31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Pragma no-cache Date Tue, 14 Mar 2023 00:12:21 GMT AN-X-Request-Uuid 76c8f752-45f4-439a-9829-cbccb568895a Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type application/json; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://events.splunk.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 149.56.153.184; 149.56.153.184; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com Content-Length 11 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ Show response c.6sc.co/	7 B 203 B	81ms 24ms	XHR text/html	23.39.229.72 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://c.6sc.co/ Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.39.229.72 Philadelphia, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-39-229-72.deploy.static.akamaitechnologies.com Software / Resource Hash fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:21 GMT access-control-max-age 86400 access-control-allow-methods GET,POST content-type text/html access-control-allow-origin https://events.splunk.com access-control-allow-credentials true access-control-allow-headers * content-length 7
GET H2	200	/ Show response ipv6.6sc.co/	20 B 312 B	187ms 17ms	XHR text/html	2600:1400:d::1721:eeb1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ipv6.6sc.co/ Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d::1721:eeb1 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 73fc2cabaeb0986049f666b48f21c17a5437649858b570d4b9307e5aefdd15a5 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 14 Mar 2023 00:12:21 GMT vary Origin content-type text/html access-control-allow-origin https://events.splunk.com cache-control max-age=0, no-cache, no-store 6si-ipv6 2607:5300:60:7867::4 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466320_388099757_478175894_23_916_19_0";dur=1 content-length 20 expires Tue, 14 Mar 2023 00:12:21 GMT
GET H/1.1	200 OK	cachedClickId Show response tr.outbrain.com/	35 B 194 B	347ms 82ms	Script application/javascript	70.42.32.191 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Full URL https://tr.outbrain.com/cachedClickId?marketerId=undefined Requested by Host: amplify.outbrain.com URL: https://amplify.outbrain.com/cp/obtp.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Tue, 14 Mar 2023 00:12:21 GMT X-TraceId 27e473258093be9371923e8281f7c2b6 Content-Length 35 Content-Type application/javascript
GET H/1.1	200 OK	unifiedPixel tr.outbrain.com/	53 B 225 B	327ms 79ms	Image image/gif	70.42.32.191 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Show image Full URL https://tr.outbrain.com/unifiedPixel?marketerId=00d61f3947fbcca6a300f9bcb5900fda25&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&g=1&optOut=false&bust=07034436557494792&referrer= Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Tue, 14 Mar 2023 00:12:21 GMT Cache-Control no-cache X-TraceId 1d5e0da6554b72b742b2f5ffcfde6bc7 Content-Length 53 Content-Type image/gif;
POST H3	204	collect www.google-analytics.com/g/	0 17 B	73ms 56ms	Ping text/plain	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-8Q6D4RLYQL&gtm=45je3360&_p=16326993&cid=19398969.1678752741&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678752741&sct=1&seg=0&dl=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&dt=Rapid%20Detection%20and%20Incident%20Scoping%20with%20Splunk%20Enterprise%20Security%207.1%20%7C%20Virtual%20Event%20%7C%20Splunk&en=page_view&_fv=1&_ss=1&ep.gtm_tag_name=GA4%20-%20Page%20View&ep.hit_timestamp=2023-03-14T00%3A12%3A21.66%2B00%3A00 Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 14 Mar 2023 00:12:21 GMT server Golfe2 content-type text/plain access-control-allow-origin https://events.splunk.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1642523699107798 Show response connect.facebook.net/signals/config/	377 KB 108 KB	124ms 60ms	Script application/x-javascript	2a03:2880:f07d:0:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1642523699107798?v=2.9.98&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d7d5821806775569c0c0fdb33a95df3b9e8aad2404695252fd6976c6f311f690 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 14 Mar 2023 00:12:21 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 110314 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug kSM6vIsq45O350eSvyIb4kRNJNSp/6uBa6yIkkfOdRC5j5LDUTsMF3a6JKC6OAZu8glv3TofCWOW2XtdHK776w== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 1679558926 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	5962822 Show response www.clarity.ms/tag/uet/	802 B 1 KB	1110ms 1001ms	Script application/x-javascript	2620:1ec:48:1::40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/uet/5962822 Requested by Host: bat.bing.com URL: https://bat.bing.com/p/action/5962822.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash ddb3d87d7e22bb996ad55ef9718da624ca5d547ba4ddc1376e4e4e2302491184 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers content-type application/x-javascript date Tue, 14 Mar 2023 00:12:21 GMT cache-control no-cache, no-store expires -1 x-azure-ref 05bsPZAAAAAC4GRdLdoMkQ7SaN34lNL2wWVRPMjIxMDkwODE3MDI3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ== x-cache CONFIG_NOCACHE request-context appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
GET H2	200	cds-pips.js Show response cdn.taboola.com/scripts/	3 KB 2 KB	51ms 9ms	Script application/javascript	151.101.193.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/scripts/cds-pips.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1341559/tfa.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-amz-version-id z5FoayaLm_Bvew3pbkytkoHczFCvkPwT content-encoding gzip via 1.1 varnish date Tue, 14 Mar 2023 00:12:21 GMT x-amz-request-id 345CDBWW70P2J4KQ age 1448 x-cache HIT x-amz-replication-status COMPLETED content-length 1340 x-amz-id-2 RXZ9eF1pCd0CDN+zmZsBdUvWy9zP/THQYOkdE0w5cIOOD+5zdquMw/vB8dFwYkBREq+fn3ZvR+o= x-served-by cache-yyz4566-YYZ last-modified Wed, 12 Oct 2022 13:57:57 GMT server AmazonS3 x-timer S1678752742.559317,VS0,VE0 etag "383fa66d2a0a09f4a6e64a9593ad43bb" vary Accept-Encoding content-type application/javascript abp 17 access-control-allow-origin * cache-control private, max-age=3600 accept-ranges bytes x-cache-hits 2577
GET H2	200	eid.es5.js Show response cdn.taboola.com/scripts/	17 KB 7 KB	52ms 10ms	Script application/javascript	151.101.193.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/scripts/eid.es5.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1341559/tfa.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 5dafe8b74bfd8567ceb1372730a1fbf9b6c585bfb52a64032f6a37a1df7a522c Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-amz-version-id s267fsNTlQZoIUop6vOPkT.WzN.oCb4n content-encoding gzip via 1.1 varnish date Tue, 14 Mar 2023 00:12:21 GMT x-amz-request-id 711VQ0VF3TYZZNCK age 17086 x-cache HIT x-amz-replication-status COMPLETED content-length 6472 x-amz-id-2 UTgzamZFHI5gBEhIVAMY+glZegjRkJeHBwnRspQi81a+JP2ePfQEcFMcfxpWE7COp78+vMX7sAY= x-served-by cache-yyz4566-YYZ last-modified Mon, 26 Dec 2022 14:02:08 GMT server AmazonS3 x-timer S1678752742.559447,VS0,VE0 etag "df82da09581e0f287e5655fe47ceb559" vary Accept-Encoding content-type application/javascript abp 17 access-control-allow-origin * cache-control private,max-age=14400 accept-ranges bytes x-cache-hits 27439
POST H2	400	interact Show response adobedc.demdex.net/ee/v1/	333 B 674 B	292ms 92ms	Fetch application/json	63.140.36.112 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adobedc.demdex.net/ee/v1/interact?configId=2ab6666c-0190-4d80-baff-f32a5d133289&requestId=b7b568a3-837f-4d10-9561-e9f6a406ba3b Requested by Host: cdn1.adoberesources.net URL: https://cdn1.adoberesources.net/alloy/2.6.4/alloy.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 63.140.36.112 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-63-140-36-112.data.adobedc.net Software jag / Resource Hash 46009aba09873268e8b2c922da3cc4a0742e7788a3f8a1888ecc4dfb391aaa3a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://events.splunk.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Tue, 14 Mar 2023 00:12:21 GMT content-encoding deflate x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains x-rate-limit-remaining 599 x-adobe-edge OR2;9 x-xss-protection 1; mode=block x-request-id b7b568a3-837f-4d10-9561-e9f6a406ba3b server jag vary Origin content-type application/json;charset=utf-8 access-control-allow-origin https://events.splunk.com access-control-expose-headers Retry-After, X-Adobe-Edge, X-Request-ID cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true x-konductor 23.3.5:fcfdf0c0
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 493 B	91ms 46ms	Image image/gif	23.39.229.72 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=null&visitor=bd526d5a-ba9b-4f80-837a-3d5a3b46dd20&session=5f4f8461-7f62-470e-8652-6cf9be6c4eb7&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Tue%2C%2014%20Mar%202023%2000%3A12%3A21%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2014%20Mar%202023%2000%3A12%3A21%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22581214e52f923b1a91064a134ca689d7%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2014%20Mar%202023%2000%3A12%3A21%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2014%20Mar%202023%2000%3A12%3A21%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Splunk%20Enterprise%20Security%207.1%20delivers%20a%20widened%20correlation%20search%20editor%20to%20make%20it%20easy%20to%20view%20and%20customize%20Splunk%20security%20detections.%22%2C%22keywords%22%3A%22Cybersecurity%2C%20Security%2C%20Cloud%20Security%2C%20Detections%2C%20Cyberthreat%2C%20Mitre%20Attack%2C%20SIEM%2C%20Analytics%22%2C%22title%22%3A%22Rapid%20Detection%20and%20Incident%20Scoping%20with%20Splunk%20Enterprise%20Security%207.1%20%7C%20Virtual%20Event%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&pageViewId=f677fff7-d48c-4cad-8664-7f86cef8750a&an_uid=0 Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.39.229.72 Philadelphia, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-39-229-72.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:21 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 18 Feb 2023 00:49:36 GMT server nginx/1.14.0 (Ubuntu) etag "63f020a0-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	113ms 53ms	Image image/gif	2607:f8b0:4006:81d::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-399680-1&cid=19398969.1678752741&jid=399953415&_u=aGBAiUAjBAAAAEAFK~&z=583980047 Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2004 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 14 Mar 2023 00:12:21 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.ca/ads/	42 B 107 B	63ms 51ms	Image image/gif	2607:f8b0:4006:81e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-399680-1&cid=19398969.1678752741&jid=399953415&_u=aGBAiUAjBAAAAEAFK~&z=583980047 Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 14 Mar 2023 00:12:21 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	analytics-an-min.js Show response d2hya7iqhf5w3h.cloudfront.net/scripts/	4 KB 5 KB	90ms 20ms	Script application/javascript	13.225.231.224 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2hya7iqhf5w3h.cloudfront.net/scripts/analytics-an-min.js Requested by Host: tm.vendemore.com URL: https://tm.vendemore.com/cs/32fde63c-3af6-4cd0-a131-51e4701d5575/v2/cs.js?c=1678752741093 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.225.231.224 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-231-224.jfk51.r.cloudfront.net Software AmazonS3 / Resource Hash 856480dfbd572e8e51fd582b4744916dc6708b2cf12eb311d749f0dc16250410 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Mon, 13 Mar 2023 09:37:46 GMT Via 1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront) Last-Modified Wed, 05 May 2021 13:48:14 GMT Server AmazonS3 X-Amz-Cf-Pop JFK51-C1 Age 63824 ETag "e2295ad89bc05d51307a0a73d8f7aa14" X-Cache Hit from cloudfront Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 4603 X-Amz-Cf-Id Hgdak7cGTEbZgUrIS5sws2W0VWp_PNjO8rshNPY1ruCJS02d86zNhg==
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 494 B	63ms 42ms	Image image/gif	23.39.229.72 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=null&visitor=bd526d5a-ba9b-4f80-837a-3d5a3b46dd20&session=5f4f8461-7f62-470e-8652-6cf9be6c4eb7&event=ipv6&q=%7B%22address%22%3A%222607%3A5300%3A60%3A7867%3A%3A4%22%7D&isIframe=false&m=%7B%22description%22%3A%22Splunk%20Enterprise%20Security%207.1%20delivers%20a%20widened%20correlation%20search%20editor%20to%20make%20it%20easy%20to%20view%20and%20customize%20Splunk%20security%20detections.%22%2C%22keywords%22%3A%22Cybersecurity%2C%20Security%2C%20Cloud%20Security%2C%20Detections%2C%20Cyberthreat%2C%20Mitre%20Attack%2C%20SIEM%2C%20Analytics%22%2C%22title%22%3A%22Rapid%20Detection%20and%20Incident%20Scoping%20with%20Splunk%20Enterprise%20Security%207.1%20%7C%20Virtual%20Event%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&pageViewId=f677fff7-d48c-4cad-8664-7f86cef8750a&an_uid=0 Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.39.229.72 Philadelphia, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-39-229-72.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:21 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 18 Feb 2023 02:04:22 GMT server nginx/1.14.0 (Ubuntu) etag "63f03226-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	/ Show response pips.taboola.com/	64 B 241 B	74ms 29ms	XHR text/plain	2a04:4e42:400::300 FASTLY
General Check archive.org Show headers Download Go to Full URL https://pips.taboola.com/ Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash 55ca65f2bfd67529c8240a722791d6887719029b9cee7255510dc70672b70565 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-served-by cache-yul12820-YUL date Tue, 14 Mar 2023 00:12:21 GMT via 1.1 varnish server Varnish access-control-allow-methods GET x-cache HIT access-control-allow-origin https://events.splunk.com cache-control no-store accept-ranges bytes content-length 64 retry-after 0 x-cache-hits 0
GET H2	204	/ Show response cds.taboola.com/	0 82 B	293ms 94ms	XHR text/plain	141.226.230.50 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://cds.taboola.com/?uid=47e822f8-9d32-440d-a8cb-f60c67e1ecfd-tuctb094165&uad=73fc2cabaeb0986049f666b48f21c17a5437649858b570d4b9307e5aefdd15a5&mbl=ZmFsc2U= Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers access-control-allow-origin * date Tue, 14 Mar 2023 00:12:21 GMT cache-control no-store server nginx
GET H/1.1	200 OK	getuidj Show response ib.adnxs.com/	11 B 821 B	99ms 46ms	XHR application/json	68.67.160.117 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/getuidj Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash 31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Pragma no-cache Date Tue, 14 Mar 2023 00:12:21 GMT AN-X-Request-Uuid 2fa277fb-a348-44fe-8303-f14866d39a41 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type application/json; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://events.splunk.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 149.56.153.184; 149.56.153.184; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com Content-Length 11 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	203ms 65ms	Image text/plain	2a03:2880:f171:81:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1642523699107798&ev=PageView&dl=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&rl=&if=false&ts=1678752741753&sw=1600&sh=1200&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1678752741750.355073103&it=1678752741483&coo=false&eid=547898731-12&rqm=GET Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f171:81:face:b00c:0:25de Apodaca, Mexico, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Tue, 14 Mar 2023 00:12:21 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	visit Show response analytics.vendemore.com/	33 B 381 B	121ms 109ms	XHR text/plain	3.121.48.255 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://analytics.vendemore.com/visit?vlmref=&vaid=&url=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&title=Rapid%20Detection%20and%20Incident%20Scoping%20with%20Splunk%20Enterprise%20Security%207.1%20%7C%20Virtual%20Event%20%7C%20Splunk&path=%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security&domain=events.splunk.com&referrer= Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.121.48.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-121-48-255.eu-central-1.compute.amazonaws.com Software / Resource Hash 09f126a415237ac81c864a4019e5f80e80f6b3b9c2187d42431584ab71ecf731 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:21 GMT strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 3600 access-control-allow-methods POST, GET, OPTIONS, HEAD content-type text/plain;charset=ISO-8859-1 access-control-allow-origin https://events.splunk.com access-control-allow-credentials true access-control-allow-headers Content-Type content-length 33
GET H2	200	/ www.facebook.com/tr/	0 54 B	76ms 66ms	Image text/plain	2a03:2880:f171:81:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1642523699107798&ev=Microdata&dl=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&rl=&if=false&ts=1678752742260&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Rapid%20Detection%20and%20Incident%20Scoping%20with%20Splunk%20Enterprise%20Security%207.1%20%7C%20Virtual%20Event%20%7C%20Splunk%22%2C%22meta%3Adescription%22%3A%22Splunk%20Enterprise%20Security%207.1%20delivers%20a%20widened%20correlation%20search%20editor%20to%20make%20it%20easy%20to%20view%20and%20customize%20Splunk%20security%20detections.%22%2C%22meta%3Akeywords%22%3A%22Cybersecurity%2C%20Security%2C%20Cloud%20Security%2C%20Detections%2C%20Cyberthreat%2C%20Mitre%20Attack%2C%20SIEM%2C%20Analytics%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Splunk%20Enterprise%20Security%207.1%20Is%20Here!%20%7C%20Virtual%20Event%20%7C%20Splunk%22%2C%22og%3Adescription%22%3A%22Splunk%20Enterprise%20Security%207.1%20delivers%20a%20widened%20correlation%20search%20editor%20to%20make%20it%20easy%20to%20view%20and%20customize%20Splunk%20security%20detections.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fimg.en25.com%2FEloquaImages%2Fclients%2FSplunkInc%2F%257B86d6187b-9e26-4d8f-994b-db3505ce76ba%257D_FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB_130855_MB_OD.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.98&r=stable&ec=1&o=30&fbp=fb.1.1678752741750.355073103&it=1678752741483&coo=false&es=automatic&tm=3&rqm=GET Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f171:81:face:b00c:0:25de Apodaca, Mexico, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Tue, 14 Mar 2023 00:12:22 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 494 B	42ms 40ms	Image image/gif	23.39.229.72 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=null&visitor=bd526d5a-ba9b-4f80-837a-3d5a3b46dd20&session=5f4f8461-7f62-470e-8652-6cf9be6c4eb7&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2014%20Mar%202023%2000%3A12%3A22%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2014%20Mar%202023%2000%3A12%3A21%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%221003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Splunk%20Enterprise%20Security%207.1%20delivers%20a%20widened%20correlation%20search%20editor%20to%20make%20it%20easy%20to%20view%20and%20customize%20Splunk%20security%20detections.%22%2C%22keywords%22%3A%22Cybersecurity%2C%20Security%2C%20Cloud%20Security%2C%20Detections%2C%20Cyberthreat%2C%20Mitre%20Attack%2C%20SIEM%2C%20Analytics%22%2C%22title%22%3A%22Rapid%20Detection%20and%20Incident%20Scoping%20with%20Splunk%20Enterprise%20Security%207.1%20%7C%20Virtual%20Event%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&pageViewId=f677fff7-d48c-4cad-8664-7f86cef8750a&an_uid=0 Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.39.229.72 Philadelphia, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-39-229-72.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:22 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 18 Feb 2023 01:45:17 GMT server nginx/1.14.0 (Ubuntu) etag "63f02dad-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	clarity.js Show response www.clarity.ms/eus2-d-sc/s/0.7.2/	56 KB 19 KB	24ms 24ms	Script application/javascript	2620:1ec:48:1::40 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/eus2-d-sc/s/0.7.2/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/uet/5962822 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 99b523edd72385876c466fc061393829b08dec3aa544963373b22a08fb97784f Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:21 GMT content-encoding br last-modified Wed, 01 Jun 2022 12:22:22 GMT x-azure-ref-originshield 0wJsPZAAAAABqieF45MrESYu82CX6wWaGTU5aMjIxMDYwNjEyMDUzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ== etag "1d9550279721d1c" x-azure-ref 05rsPZAAAAAAUvAymvxEuTamGX0Z79aChWVRPMjIxMDkwODE3MDI3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ== x-cache TCP_HIT content-type application/javascript;charset=utf-8 cache-control public,max-age=86400 accept-ranges bytes request-context appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
GET H2	200	up Show response insight.adsrvr.org/track/ Frame 3520	0 182 B	77ms 26ms	Document text/html	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://insight.adsrvr.org/track/up?adv=65d5w9m&ref=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&upid=zfbopfz&upv=1.1.0 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/up_loader.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://events.splunk.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control private,no-cache, must-revalidate content-type text/html date Tue, 14 Mar 2023 00:12:22 GMT p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" pragma no-cache x-aspnet-version 4.0.30319
GET H2	200	c.gif c.clarity.ms/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B18116125B8D4F6486EA9CEB6F95FD71&RedC=c.clarity.ms&MXFR=2E5BFB2C590E61591C6AE9F85D0E6F75 https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B18116125B8D4F6486EA9CEB6F95FD71&MUID=0AEE73C945B06D903B2D611D448B6CAD	42 B 442 B	32ms 31ms	Image image/gif	20.110.205.119 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B18116125B8D4F6486EA9CEB6F95FD71&MUID=0AEE73C945B06D903B2D611D448B6CAD Protocol H2 Server 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers pragma no-cache date Tue, 14 Mar 2023 00:12:21 GMT last-modified Thu, 09 Mar 2023 17:04:53 GMT server Microsoft-IIS/10.0 etag "bd7e8244a952d91:0" x-powered-by ASP.NET content-type image/gif p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-length 42 Redirect headers pragma no-cache date Tue, 14 Mar 2023 00:12:22 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 22D0411689C14486803EF4B03A96B2C2 Ref B: YMQ01EDGE0619 Ref C: 2023-03-14T00:12:22Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B18116125B8D4F6486EA9CEB6F95FD71&MUID=0AEE73C945B06D903B2D611D448B6CAD cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H2	200	/ Show response match.adsrvr.org/track/upb/ Frame 7473 Redirect Chain https://insight.adsrvr.org/track/up?adv=t0q4wl6&ref=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk... https://match.adsrvr.org/track/upb/?adv=t0q4wl6&ref=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk...	878 B 1 KB	78ms 75ms	Document text/html	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/upb/?adv=t0q4wl6&ref=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&upid=afx4zne&upv=1.1.0 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/up_loader.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash da30d026791667da6468007a1575b0d2b5e6eb43b420c1beb55b3f8c5d7ffe52 Request headers Referer https://events.splunk.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control private,no-cache, must-revalidate content-type text/html; charset=utf-8 date Tue, 14 Mar 2023 00:12:22 GMT p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" pragma no-cache x-aspnet-version 4.0.30319 Redirect headers cache-control private,no-cache, must-revalidate content-type text/html; charset=utf-8 date Tue, 14 Mar 2023 00:12:22 GMT location https://match.adsrvr.org/track/upb/?adv=t0q4wl6&ref=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&upid=afx4zne&upv=1.1.0 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" pragma no-cache x-aspnet-version 4.0.30319
GET H2	200	analytics.bundle.js Show response v2.listenloop.com/	98 KB 33 KB	124ms 79ms	Script application/javascript	2606:4700:3036::ac43:dfcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://v2.listenloop.com/analytics.bundle.js Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:dfcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1ace69df59611d78871da688d77103d706795389c1cedf865ad5f56cb0c8d78 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:22 GMT x-amz-version-id v7_Q2SpGTesDLY1WV1h.cN4vwVAwB6zS content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id JYQ3KVF9HP5CW7VF age 2679 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 zxkfLanucE+Ra8JFr3JskSx4tXHHL4DqSKHNi9tD7HXWU0u4Et29yv4qZsY7oAzwQru7AEK9w6M= last-modified Mon, 13 Mar 2023 07:14:38 GMT server cloudflare etag W/"941666500af8f7c1a78e7f6fa5427c05" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVlmAvzuWOsHwG3oWisSD2XTYK8jS0vVC%2FfUK5CsNkSpN7D4vFM7ZUo2NGhd6EEoF9%2B2me2Fpw3bgi97Iubp%2Fc4gcw8gXpwzYt6aSYFARjgTNodXrdgnMWJE03PW3yzDYV8aH0PbmjCJ5uRuDg9Nig%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options SAMEORIGIN cache-control max-age=1800 cf-ray 7a784e0238541a13-EWR
GET H2	200	fs.js Show response edge.fullstory.com/s/	282 KB 71 KB	42ms 12ms	Script application/javascript	35.201.112.186 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://edge.fullstory.com/s/fs.js Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 186.112.201.35.bc.googleusercontent.com Software UploadServer / Resource Hash e476d9b0f83f18d34f86a036b06e2543e69e8cff72571905e0061461506839b7 Request headers Referer https://events.splunk.com/ Origin https://events.splunk.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:07:38 GMT content-encoding br age 284 x-guploader-uploadid ADPycduP9iFdtIXELtPNd4ZR6ZmdB7W6yt8zvFi_EYx4XL_FZ6HyIhz0Pj5fkKV60TQ8MyPH9G0MxAzIsIQaC9PG_1dOhw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 71628 last-modified Thu, 09 Mar 2023 16:43:31 GMT server UploadServer etag "806a083a1315b79221e313bee02efb1d" vary Accept-Encoding x-goog-generation 1678380211844370 x-goog-hash crc32c=/f7Flg==, md5=gGoIOhMVt5Ih4xO+4C77HQ== access-control-allow-origin * access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=3600,no-transform x-goog-stored-content-length 71628 accept-ranges bytes content-type application/javascript expires Tue, 14 Mar 2023 01:07:38 GMT
GET H2	200	tags.js Show response tag.clearbitscripts.com/v1/pk_4d6500cee7e1a0c3ef62fdbbc545c17d/	2 KB 1 KB	145ms 101ms	Script application/javascript	2600:9000:21dd:8800:7:d7d6:3c40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tag.clearbitscripts.com/v1/pk_4d6500cee7e1a0c3ef62fdbbc545c17d/tags.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21dd:8800:7:d7d6:3c40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software envoy / Resource Hash f00f72ccdaf681afa6287cd2a5c3fb03be2f1a18719d9c28d7e3c866b1028b60 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:22 GMT content-encoding gzip x-content-type-options nosniff x-envoy-response-flags - via 1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront) server envoy strict-transport-security max-age=63072000; includeSubDomains; preload x-amz-cf-pop EWR53-C2 etag W/"254eb93a11057ef71ea1a141b8350723" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript;charset=utf-8 cache-control private, max-age=600 x-amz-cf-id DC0OEf0-zdN1qEx5xfKuVDpvWxPc8-RAyW57LHuNRazXTUiO9yU5jA==
POST H/1.1	204 No Content	collect Show response v.clarity.ms/	0 297 B	206ms 101ms	XHR text/plain	20.114.189.135 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://v.clarity.ms/collect Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://events.splunk.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Access-Control-Allow-Origin https://events.splunk.com Date Tue, 14 Mar 2023 00:12:22 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
POST H2	202	page Show response rs.fullstory.com/rec/	74 B 282 B	73ms 43ms	XHR text/plain	35.186.194.58 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rs.fullstory.com/rec/page Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 58.194.186.35.bc.googleusercontent.com Software / Resource Hash f0d06baac7c6236016333e8e5914e963292ab67deb07a5bd3d12d1d6f2ca69b7 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://events.splunk.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type text/plain Response headers date Tue, 14 Mar 2023 00:12:22 GMT via 1.1 google x-content-type-options nosniff content-type text/plain; charset=utf-8 access-control-allow-origin https://events.splunk.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 74
GET H/1.1	200 OK	universal_pixel.1.1.0.js Show response js.adsrvr.org/ Frame 7473	487 B 964 B	20ms 19ms	Script application/x-javascript	143.204.138.162 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.adsrvr.org/universal_pixel.1.1.0.js Requested by Host: match.adsrvr.org URL: https://match.adsrvr.org/track/upb/?adv=t0q4wl6&ref=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&upid=afx4zne&upv=1.1.0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.138.162 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-138-162.ewr52.r.cloudfront.net Software AmazonS3 / Resource Hash f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc Request headers accept-language en-CA,en;q=0.9 Referer https://match.adsrvr.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Mon, 13 Mar 2023 00:27:57 GMT Via 1.1 c9b8615e0529e4075f3b458a6fe96d44.cloudfront.net (CloudFront) Last-Modified Thu, 24 Sep 2020 15:15:32 GMT Server AmazonS3 X-Amz-Cf-Pop EWR52-C2 Age 85466 ETag "f0a7a3296da7382ce6bc1a3b6769e927" X-Cache Hit from cloudfront Content-Type application/x-javascript Connection keep-alive Accept-Ranges bytes Content-Length 487 X-Amz-Cf-Id yoVr_WO9Q9WZX1koS_fTOgC99t-92lb1qKR94QQMBEC0XFSyVtcblw==
GET H2	200	destinations.min.js Show response x.clearbitjs.com/v2/pk_4d6500cee7e1a0c3ef62fdbbc545c17d/	3 KB 2 KB	194ms 139ms	Script application/javascript	52.20.167.62 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://x.clearbitjs.com/v2/pk_4d6500cee7e1a0c3ef62fdbbc545c17d/destinations.min.js Requested by Host: tag.clearbitscripts.com URL: https://tag.clearbitscripts.com/v1/pk_4d6500cee7e1a0c3ef62fdbbc545c17d/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.20.167.62 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-20-167-62.compute-1.amazonaws.com Software envoy / Resource Hash 72f8c8565209d91fa52240d4fc0c782eb486573b84261eddef70a6557e89e014 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:22 GMT content-encoding gzip x-content-type-options nosniff x-envoy-response-flags - server envoy strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control private, max-age=600
GET H2	200	tracking.min.js Show response x.clearbitjs.com/v2/pk_4d6500cee7e1a0c3ef62fdbbc545c17d/	168 KB 45 KB	168ms 114ms	Script application/javascript	52.20.167.62 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://x.clearbitjs.com/v2/pk_4d6500cee7e1a0c3ef62fdbbc545c17d/tracking.min.js Requested by Host: tag.clearbitscripts.com URL: https://tag.clearbitscripts.com/v1/pk_4d6500cee7e1a0c3ef62fdbbc545c17d/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.20.167.62 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-20-167-62.compute-1.amazonaws.com Software envoy / Resource Hash f37ee08b25f3894e9c1f322a86515d477a32cf36dadffb6b7f05a0ec23a17d81 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:22 GMT content-encoding gzip x-content-type-options nosniff x-envoy-response-flags - server envoy strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control private, max-age=600
GET H2	204	unip Show response trc-events.taboola.com/1341559/log/3/	0 379 B	78ms 25ms	XHR text/plain	141.226.224.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1341559/log/3/unip?en=pre_d_eng_tb&tos=1605&scd=0&ssd=1&est=1678752741269&ver=36&isls=true&src=i&invt=1500&msa=1147&rv=1&tim=1678752742874&vi=1678752741253&ri=60fb7ae8762c3b20a43582dec01ea0a0&sd=v2_dce9fc20631330e3603f1c756e7ae99c_47e822f8-9d32-440d-a8cb-f60c67e1ecfd-tuctb094165_1678752741_1678752741_CNawjgYQ9_BRGIXv1-vtMCABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABo6t-6o5P9iuX9AXAB&ui=47e822f8-9d32-440d-a8cb-f60c67e1ecfd-tuctb094165&ref=null&cv=20230312-9-RELEASE&item-url=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&ler=other Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers access-control-allow-origin https://events.splunk.com pragma no-cache date Tue, 14 Mar 2023 00:12:22 GMT cache-control no-cache access-control-allow-credentials true server nginx p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
GET H2	200	rubicon Show response match.adsrvr.org/track/cmf/ Frame 0C63 Redirect Chain https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1afe9216-bb65-4e6c-bb8b-3cc49f3eda04&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon https://match.adsrvr.org/track/cmf/rubicon?gdpr=0	70 B 588 B	27ms 27ms	Document image/gif	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/universal_pixel.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://match.adsrvr.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control private,no-cache, must-revalidate content-length 70 content-type image/gif date Tue, 14 Mar 2023 00:12:23 GMT p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" pragma no-cache x-aspnet-version 4.0.30319 Redirect headers Cache-Control no-cache,no-store,must-revalidate Content-Type text/html Expires 0 Location https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Pragma no-cache X-RPHost 83041abbe8494cb29eff3083edd6dff6 content-length 0
GET H2	200	generic Show response match.adsrvr.org/track/cmf/ Frame 92D0 Redirect Chain https://ups.analytics.yahoo.com/ups/55953/sync?uid=1afe9216-bb65-4e6c-bb8b-3cc49f3eda04&_origin=1&redir=true&gdpr=0&gdpr_consent= https://ups.analytics.yahoo.com/ups/55953/sync?uid=1afe9216-bb65-4e6c-bb8b-3cc49f3eda04&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-1S6Ab9JE2uJWsY9WXXg5kUptHAIJ4VU-~A&gdpr=0	70 B 587 B	26ms 25ms	Document image/gif	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-1S6Ab9JE2uJWsY9WXXg5kUptHAIJ4VU-~A&gdpr=0 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/universal_pixel.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://match.adsrvr.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control private,no-cache, must-revalidate content-length 70 content-type image/gif date Tue, 14 Mar 2023 00:12:23 GMT p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" pragma no-cache x-aspnet-version 4.0.30319 Redirect headers age 0 content-length 0 date Tue, 14 Mar 2023 00:12:22 GMT location https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-1S6Ab9JE2uJWsY9WXXg5kUptHAIJ4VU-~A&gdpr=0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV server ATS/9.1.10.25 strict-transport-security max-age=31536000
GET H2	200	appnexus Show response match.adsrvr.org/track/cmf/ Frame 0944 Redirect Chain https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=1afe9216-bb65-4e6c-bb8b-3cc49f3eda04 https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D1afe9216-bb65-4e6c-bb8b-3cc49f3eda04 https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5612515770122134136&ttd_tdid=1afe9216-bb65-4e6c-bb8b-3cc49f3eda04	70 B 588 B	26ms 25ms	Document image/gif	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5612515770122134136&ttd_tdid=1afe9216-bb65-4e6c-bb8b-3cc49f3eda04 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/universal_pixel.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://match.adsrvr.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control private,no-cache, must-revalidate content-length 70 content-type image/gif date Tue, 14 Mar 2023 00:12:22 GMT p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" pragma no-cache x-aspnet-version 4.0.30319 Redirect headers AN-X-Request-Uuid 88de153c-76c3-45a5-a3fa-47d01f0a8d40 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Access-Control-Allow-Credentials true Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Connection keep-alive Content-Length 0 Content-Type text/html; charset=utf-8 Date Tue, 14 Mar 2023 00:12:22 GMT Expires Sat, 15 Nov 2008 16:00:00 GMT Location https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5612515770122134136&ttd_tdid=1afe9216-bb65-4e6c-bb8b-3cc49f3eda04 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Pragma no-cache Server nginx/1.21.3 X-Proxy-Origin 149.56.153.184; 149.56.153.184; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com X-XSS-Protection 0
POST H2	200	p Show response app.clearbit.com/v1/	16 B 1 KB	160ms 107ms	XHR application/json	52.204.243.204 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.clearbit.com/v1/p Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.204.243.204 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-204-243-204.compute-1.amazonaws.com Software envoy / Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://events.splunk.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type text/plain Response headers date Tue, 14 Mar 2023 00:12:22 GMT content-encoding gzip x-content-type-options nosniff x-envoy-response-flags - server envoy strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/json access-control-allow-origin https://events.splunk.com content-security-policy-report-only default-src 'self'; script-src 'unsafe-inline' 'report-sample' 'self' https://browser.sentry-cdn.com https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js https://cdn.clearbit.com https://cdn.segment.com/analytics.js/v1/auzWlbWIBrAsKnGQIiT0X3IjfZyepgW5/analytics.min.js https://connect.facebook.net https://edge.fullstory.com/s/fs.js https://fast.appcues.com https://www.google-analytics.com/analytics.js https://x.clearbitjs.com https://cdn.clearbit.com; style-src 'unsafe-inline' 'report-sample' 'self' https://cdn.clearbit.com https://fast.appcues.com https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.amplitude.com https://api.segment.io https://rs.fullstory.com https://www.google-analytics.com wss://api.appcues.net https://stats.g.doubleclick.net https://sentry.io https://logo.clearbit.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self'; img-src 'self' data: https://cdn.clearbit.com https://images.ctfassets.net https://logo.clearbit.com https://www.facebook.com https://connect.facebook.net https://www.google.com https://unpkg.com/react-flag-kit https://cloudfront.net/v1/avatars https://*.googleusercontent.com; manifest-src 'self'; media-src 'self'; worker-src 'none'; access-control-allow-credentials true access-control-allow-headers Authorization, API-Version, Content-Type
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 493 B	52ms 51ms	Image image/gif	23.39.229.72 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=null&visitor=bd526d5a-ba9b-4f80-837a-3d5a3b46dd20&session=5f4f8461-7f62-470e-8652-6cf9be6c4eb7&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2014%20Mar%202023%2000%3A12%3A23%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2014%20Mar%202023%2000%3A12%3A22%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%222005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Splunk%20Enterprise%20Security%207.1%20delivers%20a%20widened%20correlation%20search%20editor%20to%20make%20it%20easy%20to%20view%20and%20customize%20Splunk%20security%20detections.%22%2C%22keywords%22%3A%22Cybersecurity%2C%20Security%2C%20Cloud%20Security%2C%20Detections%2C%20Cyberthreat%2C%20Mitre%20Attack%2C%20SIEM%2C%20Analytics%22%2C%22title%22%3A%22Rapid%20Detection%20and%20Incident%20Scoping%20with%20Splunk%20Enterprise%20Security%207.1%20%7C%20Virtual%20Event%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&pageViewId=f677fff7-d48c-4cad-8664-7f86cef8750a&an_uid=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.39.229.72 Philadelphia, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-39-229-72.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:23 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Tue, 05 Oct 2021 22:17:52 GMT server nginx/1.14.0 (Ubuntu) etag "615ccf10-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
POST H/1.1	204 No Content	collect Show response v.clarity.ms/	0 297 B	37ms 37ms	XHR text/plain	20.114.189.135 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://v.clarity.ms/collect Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://events.splunk.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Access-Control-Allow-Origin https://events.splunk.com Date Tue, 14 Mar 2023 00:12:23 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 494 B	42ms 41ms	Image image/gif	23.39.229.72 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=null&visitor=bd526d5a-ba9b-4f80-837a-3d5a3b46dd20&session=5f4f8461-7f62-470e-8652-6cf9be6c4eb7&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2014%20Mar%202023%2000%3A12%3A24%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2014%20Mar%202023%2000%3A12%3A23%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%223007%22%7D&isIframe=false&m=%7B%22description%22%3A%22Splunk%20Enterprise%20Security%207.1%20delivers%20a%20widened%20correlation%20search%20editor%20to%20make%20it%20easy%20to%20view%20and%20customize%20Splunk%20security%20detections.%22%2C%22keywords%22%3A%22Cybersecurity%2C%20Security%2C%20Cloud%20Security%2C%20Detections%2C%20Cyberthreat%2C%20Mitre%20Attack%2C%20SIEM%2C%20Analytics%22%2C%22title%22%3A%22Rapid%20Detection%20and%20Incident%20Scoping%20with%20Splunk%20Enterprise%20Security%207.1%20%7C%20Virtual%20Event%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&pageViewId=f677fff7-d48c-4cad-8664-7f86cef8750a&an_uid=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.39.229.72 Philadelphia, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-39-229-72.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:24 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 18 Feb 2023 01:45:17 GMT server nginx/1.14.0 (Ubuntu) etag "63f02dad-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 493 B	43ms 43ms	Image image/gif	23.39.229.72 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=581214e52f923b1a91064a134ca689d7&svisitor=null&visitor=bd526d5a-ba9b-4f80-837a-3d5a3b46dd20&session=5f4f8461-7f62-470e-8652-6cf9be6c4eb7&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2014%20Mar%202023%2000%3A12%3A25%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2014%20Mar%202023%2000%3A12%3A24%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224008%22%7D&isIframe=false&m=%7B%22description%22%3A%22Splunk%20Enterprise%20Security%207.1%20delivers%20a%20widened%20correlation%20search%20editor%20to%20make%20it%20easy%20to%20view%20and%20customize%20Splunk%20security%20detections.%22%2C%22keywords%22%3A%22Cybersecurity%2C%20Security%2C%20Cloud%20Security%2C%20Detections%2C%20Cyberthreat%2C%20Mitre%20Attack%2C%20SIEM%2C%20Analytics%22%2C%22title%22%3A%22Rapid%20Detection%20and%20Incident%20Scoping%20with%20Splunk%20Enterprise%20Security%207.1%20%7C%20Virtual%20Event%20%7C%20Splunk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&pageViewId=f677fff7-d48c-4cad-8664-7f86cef8750a&an_uid=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.39.229.72 Philadelphia, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-39-229-72.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:25 GMT x-content-type-options nosniff content-length 43 pragma no-cache last-modified Sat, 18 Feb 2023 00:49:36 GMT server nginx/1.14.0 (Ubuntu) etag "63f020a0-2b" access-control-max-age 86400 access-control-allow-methods GET,POST content-type image/gif access-control-allow-origin cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	204	unip Show response trc-events.taboola.com/1341559/log/3/	0 379 B	24ms 23ms	XHR text/plain	141.226.224.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1341559/log/3/unip?en=pre_d_eng_tb&tos=4606&scd=0&ssd=1&est=1678752741269&ver=36&isls=true&src=i&invt=3000&msa=1147&rv=1&tim=1678752745876&vi=1678752741253&ri=60fb7ae8762c3b20a43582dec01ea0a0&sd=v2_dce9fc20631330e3603f1c756e7ae99c_47e822f8-9d32-440d-a8cb-f60c67e1ecfd-tuctb094165_1678752741_1678752741_CNawjgYQ9_BRGIXv1-vtMCABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABo6t-6o5P9iuX9AXAB&ui=47e822f8-9d32-440d-a8cb-f60c67e1ecfd-tuctb094165&ref=null&cv=20230312-9-RELEASE&item-url=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&ler=other Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers access-control-allow-origin https://events.splunk.com pragma no-cache date Tue, 14 Mar 2023 00:12:25 GMT cache-control no-cache access-control-allow-credentials true server nginx p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
GET H2	200	uwt.js Show response static.ads-twitter.com/	56 KB 15 KB	235ms 23ms	Script application/javascript	146.75.32.157
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.32.157 -, , ASN (), Reverse DNS Software / Resource Hash cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Tue, 14 Mar 2023 00:12:26 GMT content-encoding gzip last-modified Thu, 27 Oct 2022 15:55:14 GMT etag "32ad004436155ec972bc50e6238b5b67+gzip" vary Accept-Encoding,Host x-cache HIT content-type application/javascript; charset=utf-8 p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" x-tw-cdn FT cache-control no-cache accept-ranges bytes content-length 15375 x-served-by cache-iad-kjyo7100123-IAD
GET H2	200	FQgOcAAM.min.js Show response scripts.demandbase.com/	70 KB 19 KB	240ms 27ms	Script application/javascript	52.85.61.96
General Check archive.org Show headers Download Go to Full URL https://scripts.demandbase.com/FQgOcAAM.min.js Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.61.96 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash b3e4d2a082425e704d6d407c38cb401eebc267685ad78c21daa627191d3005a1 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-amz-version-id 9mPKCHaRKL1MFtloX0gF3xpHvn_nFGRS content-encoding gzip via 1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront) date Tue, 14 Mar 2023 00:09:49 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-amz-cf-pop EWR53-P1 age 158 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Fri, 03 Feb 2023 22:43:07 GMT server AmazonS3 etag W/"a0d8db4a592bfddceaa8612199421f56" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=3600 permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=() x-amz-cf-id VfZ8vcrh1gJ8xFMh47_TTeFn-UVaHxSbYu_TjWGrJTTf6xT6NiyPTA==
GET H2	200	amzn.js Show response c.amazon-adsystem.com/aat/	7 KB 7 KB	223ms 19ms	Script text/javascript	143.204.144.76
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aat/amzn.js Requested by Host: events.splunk.com URL: https://events.splunk.com/Rapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security?utm_medium=email&utm_source=splunk&utm_campaign=FY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB&LST=Email1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.144.76 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash 45153d776213fa86c1ef7dca51e36d669e1b697b53907f3bf7cd3ee706edbaec Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Mon, 13 Mar 2023 00:26:49 GMT x-amz-version-id RCjAxJ8CrRqbtKQCS4KIrWhcLcYrBklc via 1.1 c00308f66532ff493ccf2757d4085e0c.cloudfront.net (CloudFront) last-modified Thu, 11 Nov 2021 17:52:19 GMT server AmazonS3 x-amz-cf-pop EWR52-C2 age 85538 etag "4e42700e21a922978b72507ad18a7fea" x-cache Hit from cloudfront content-type text/javascript accept-ranges bytes content-length 6674 x-amz-cf-id NoApkycB53lX9f5mnPnZq5b3ELwHbozhgJgtkkolsyLD9p-RNGVkIw==
GET H2	200	iztag.js Show response tags.inzynk.io/dji5wmjz/	17 KB 18 KB	243ms 29ms	Script application/octet-stream	2600:9000:2512:2e00:12:dfa9:e200:93a1
General Check archive.org Show headers Download Go to Full URL https://tags.inzynk.io/dji5wmjz/iztag.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPV7TP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2512:2e00:12:dfa9:e200:93a1 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash 7c2783718baefb66f7810aedae99e6bbabd3713e0f6098079f6ff9b4d1433bc2 Request headers accept-language en-CA,en;q=0.9 Referer https://events.splunk.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Mon, 13 Mar 2023 15:08:40 GMT via 1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront) last-modified Wed, 25 May 2022 10:03:10 GMT server AmazonS3 x-amz-cf-pop JFK50-P7 age 65910 etag "382804949496b421c76a3504a7676727" x-cache Hit from cloudfront content-type application/octet-stream accept-ranges bytes content-length 17723 x-amz-cf-id OMFoj1yRL1QQf8_O18x4z91XgWxKeFrDL-1LXTKUr2JRUHse8iOVWQ==
GET		iu3 s.amazon-adsystem.com/ Frame 6E4D	0 0
GET		adsct t.co/i/	0 0
GET		adsct analytics.twitter.com/i/	0 0
GET		dji5wmjz analytics.inzynk.io/collect/	0 0
GET		464526.gif id.rlcdn.com/	0 0
POST		ip.json api.company-target.com/api/v2/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

s.amazon-adsystem.com

URL

https://s.amazon-adsystem.com/iu3?pid=3fcbe918-6424-4b3d-95aa-68d72d53fbd1&event=PageView&ts=1678752745953

Domain

t.co

URL

https://t.co/i/adsct?bci=3&eci=2&event_id=e5527ac0-895d-4045-b97b-008914808965&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e4fcede9-4af2-4c50-b19d-081b1949e810&tw_document_href=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvbvz&type=javascript&version=2.3.29

Domain

analytics.twitter.com

URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=e5527ac0-895d-4045-b97b-008914808965&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=e4fcede9-4af2-4c50-b19d-081b1949e810&tw_document_href=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvbvz&type=javascript&version=2.3.29

Domain

analytics.inzynk.io

URL

https://analytics.inzynk.io/collect/dji5wmjz?izcid=&iztid=&u=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&t=Rapid+Detection+and+Incident+Scoping+with+Splunk+Enterprise+Security+7.1+%7C+Virtual+Event+%7C+Splunk&p=%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security&d=events.splunk.com&r=

Domain

id.rlcdn.com

URL

https://id.rlcdn.com/464526.gif

Domain

api.company-target.com

URL

https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fevents.splunk.com%2FRapid-Detection-and-Incident-Scoping-with-Splunk-Enterprise-Security%3Futm_medium%3Demail%26utm_source%3Dsplunk%26utm_campaign%3DFY24Q1_DGN_AMER_WBR_SEC_EN_Rapid_Detection_ES_WEB%26LST%3DEmail1&page_title=Rapid%20Detection%20and%20Incident%20Scoping%20with%20Splunk%20Enterprise%20Security%207.1%20%7C%20Virtual%20Event%20%7C%20Splunk