www.elastic.co Open in urlscan Pro
2a04:4e42:400::729 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.elastic.co/blog/how-hunt-masquerade-ball'
Submission: On July 11 via api (July 11th 2024, 11:47:31 am UTC) from TR — Scanned from US

Summary HTTP 132 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 64 IPs in 3 countries across 38 domains to perform 132 HTTP transactions. The main IP is 2a04:4e42:400::729, located in United States and belongs to FASTLY, US. The main domain is www.elastic.co. The Cisco Umbrella rank of the primary domain is 244970.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q1 on March 6th 2024. Valid for: a year.

This is the only time www.elastic.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
2	2600:1408:c40... 2600:1408:c400:38c::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
18	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
4	2607:f8b0:400... 2607:f8b0:4004:c21::61	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.30.209 104.18.30.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.85.132.61 52.85.132.61	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c08::5f	15169 (GOOGLE) (GOOGLE)
2	104.17.70.206 104.17.70.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.33.193.145 23.33.193.145	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2400:52e0:1a0... 2400:52e0:1a00::1206:2	200325 (BUNNYCDN) (BUNNYCDN)
2	34.49.241.189 34.49.241.189	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:1408:c40... 2600:1408:c400:2a::17da:da0e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:4004:c09::8b	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.159.152.17 162.159.152.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.75.28.157 146.75.28.157	54113 (FASTLY) (FASTLY)
2	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.160.10.89 18.160.10.89	16509 (AMAZON-02) (AMAZON-02)
2	18.160.10.69 18.160.10.69	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:250... 2600:9000:2509:1200:7:d7d6:3c40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	3.141.92.115 3.141.92.115	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.32.182.121 13.32.182.121	16509 (AMAZON-02) (AMAZON-02)
1 2	68.67.160.137 68.67.160.137	29990 (ASN-APPNEX) (ASN-APPNEX)
2	23.207.134.130 23.207.134.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.213.95.227 23.213.95.227	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.117.162.98 34.117.162.98	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:440... 2606:4700:4400::ac40:973c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.87.92.154 52.87.92.154	14618 (AMAZON-AES) (AMAZON-AES)
1	2400:52e0:1a0... 2400:52e0:1a00::1207:2	200325 (BUNNYCDN) (BUNNYCDN)
2	2607:f8b0:400... 2607:f8b0:4004:c21::8b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1d::9b	15169 (GOOGLE) (GOOGLE)
1 2	172.253.63.149 172.253.63.149	15169 (GOOGLE) (GOOGLE)
1	142.251.179.148 142.251.179.148	15169 (GOOGLE) (GOOGLE)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
4 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	72.21.81.130 72.21.81.130	15133 (EDGECAST) (EDGECAST)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.244.154.8 35.244.154.8	15169 (GOOGLE) (GOOGLE)
1	99.84.191.94 99.84.191.94	16509 (AMAZON-02) (AMAZON-02)
2	13.249.39.46 13.249.39.46	16509 (AMAZON-02) (AMAZON-02)
4	3.132.116.56 3.132.116.56	16509 (AMAZON-02) (AMAZON-02)
1	18.223.53.13 18.223.53.13	16509 (AMAZON-02) (AMAZON-02)
1	18.165.98.69 18.165.98.69	16509 (AMAZON-02) (AMAZON-02)
1	18.165.83.79 18.165.83.79	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:1:7... 2600:1901:1:7c5::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	54.152.178.255 54.152.178.255	14618 (AMAZON-AES) (AMAZON-AES)
1	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	173.194.66.97 173.194.66.97	15169 (GOOGLE) (GOOGLE)
1	2600:9000:200... 2600:9000:2009:2c00:1d:8d6d:3b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	134.213.193.62 134.213.193.62	15395 (RACKSPACE...) (RACKSPACE-LON)
2	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.251.163.155 142.251.163.155	15169 (GOOGLE) (GOOGLE)
1	64.233.180.103 64.233.180.103	15169 (GOOGLE) (GOOGLE)
1 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3	35.188.12.98 35.188.12.98	15169 (GOOGLE) (GOOGLE)
1	18.160.18.68 18.160.18.68	16509 (AMAZON-02) (AMAZON-02)
2	18.160.18.33 18.160.18.33	16509 (AMAZON-02) (AMAZON-02)
132	64

18 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

www.elastic.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:c400:38c::13b8 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

static-www.elastic.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

images.contentstack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c21::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e1f (United States)

ASN13335 (CLOUDFLARENET, US)

tapi.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.30.209 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn3.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.132.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-61.iad50.r.cloudfront.net

api.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.70.206 (None, )

ASN13335 (CLOUDFLARENET, US)

info.elastic.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.33.193.145 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-33-193-145.deploy.static.akamaitechnologies.com

a18132920325.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1a00::1206:2 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)

cdn.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.49.241.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.241.49.34.bc.googleusercontent.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:2a::17da:da0e (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::8b (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.152.17 (None, )

ASN13335 (CLOUDFLARENET, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.10.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-89.iad12.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.160.10.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-69.iad12.r.cloudfront.net

lift-ai-js.marketlinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2509:1200:7:d7d6:3c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.clearbitscripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.141.92.115 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-92-115.us-east-2.compute.amazonaws.com

marketo.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
risk.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.182.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-182-121.iad66.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.137 (Colonia, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.207.134.130 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-134-130.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.95.227 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-95-227.deploy.static.akamaitechnologies.com

sjrtp2-cdn.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.162.98 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.162.117.34.bc.googleusercontent.com

pixel.byspotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:973c (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.87.92.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-92-154.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1a00::1207:2 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)

idb.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c21::8b (Washington, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.149 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bi-in-f149.1e100.net

10713890.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.179.148 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

pixel-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.21.81.130 (United States)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.191.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-94.iad89.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.249.39.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-46.iad89.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.132.116.56 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-116-56.us-east-2.compute.amazonaws.com

x.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
risk.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.223.53.13 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-223-53-13.us-east-2.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.98.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-98-69.iad55.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.83.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-79.iad55.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:1:7c5:: (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

pixels.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.152.178.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-178-255.compute-1.amazonaws.com

visitor-scoring-c.marketlinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.66.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2009:2c00:1d:8d6d:3b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.213.193.62 (United Kingdom)

ASN15395 (RACKSPACE-LON, GB)

813-mam-392.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.180.103 (United States)

ASN15169 (GOOGLE, US)
PTR: on-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.188.12.98 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 98.12.188.35.bc.googleusercontent.com

apm-proxy.app.elstc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.18.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-68.iad12.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.160.18.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-33.iad12.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	elastic.co www.elastic.co — Cisco Umbrella Rank: 244970 static-www.elastic.co — Cisco Umbrella Rank: 590499 info.elastic.co — Cisco Umbrella Rank: 831691	1 MB
7	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 671 www.linkedin.com — Cisco Umbrella Rank: 928 px4.ads.linkedin.com — Cisco Umbrella Rank: 7218	4 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 4474 tracking.crazyegg.com — Cisco Umbrella Rank: 7990 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 9637 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 9249	43 KB
7	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 1033 tapi.optimizely.com — Cisco Umbrella Rank: 29570 cdn3.optimizely.com — Cisco Umbrella Rank: 8098 a18132920325.cdn.optimizely.com — Cisco Umbrella Rank: 779102 logx.optimizely.com — Cisco Umbrella Rank: 2466	371 KB
6	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 208 10713890.fls.doubleclick.net — Cisco Umbrella Rank: 866562 ad.doubleclick.net — Cisco Umbrella Rank: 215 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	3 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 110	477 KB
4	company-target.com s.company-target.com — Cisco Umbrella Rank: 2648 segments.company-target.com — Cisco Umbrella Rank: 3671 api.company-target.com — Cisco Umbrella Rank: 10109	3 KB
4	clearbit.com marketo.clearbit.com — Cisco Umbrella Rank: 261336 risk.clearbit.com — Cisco Umbrella Rank: 242867 app.clearbit.com — Cisco Umbrella Rank: 50504	15 KB
4	marketlinc.com lift-ai-js.marketlinc.com — Cisco Umbrella Rank: 100238 visitor-scoring-c.marketlinc.com — Cisco Umbrella Rank: 225173	10 KB
4	iubenda.com cdn.iubenda.com — Cisco Umbrella Rank: 21516 cs.iubenda.com — Cisco Umbrella Rank: 24960 idb.iubenda.com — Cisco Umbrella Rank: 28727	69 KB
3	driftt.com js.driftt.com — Cisco Umbrella Rank: 17966	62 KB
3	elstc.co apm-proxy.app.elstc.co	568 B
3	google.com analytics.google.com — Cisco Umbrella Rank: 239 www.google.com — Cisco Umbrella Rank: 10	371 B
3	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 2564 insight.adsrvr.org — Cisco Umbrella Rank: 1492 match.adsrvr.org — Cisco Umbrella Rank: 493	6 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 530	14 KB
3	demandbase.com api.demandbase.com — Cisco Umbrella Rank: 28167 tag.demandbase.com — Cisco Umbrella Rank: 14824 tag-logger.demandbase.com — Cisco Umbrella Rank: 13461	25 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	4 KB
2	spotify.com pixels.spotify.com — Cisco Umbrella Rank: 4861	271 B
2	clearbitjs.com x.clearbitjs.com — Cisco Umbrella Rank: 47352	47 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 1394	771 B
2	reddit.com pixel-config.reddit.com — Cisco Umbrella Rank: 3224 alb.reddit.com — Cisco Umbrella Rank: 1955	761 B
2	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 72191 ibc-flow.techtarget.com — Cisco Umbrella Rank: 66358 Failed	2 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 8630	6 KB
2	adnxs.com 1 redirects secure.adnxs.com — Cisco Umbrella Rank: 774	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 232	72 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1497	13 KB
2	quora.com a.quora.com — Cisco Umbrella Rank: 10249 q.quora.com — Cisco Umbrella Rank: 7202	15 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 102	21 KB
1	mktoresp.com 813-mam-392.mktoresp.com — Cisco Umbrella Rank: 839672	482 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1362	724 B
1	t.co t.co — Cisco Umbrella Rank: 983	376 B
1	byspotify.com pixel.byspotify.com — Cisco Umbrella Rank: 12160	22 KB
1	marketo.com sjrtp2-cdn.marketo.com — Cisco Umbrella Rank: 167509	232 B
1	clearbitscripts.com tag.clearbitscripts.com — Cisco Umbrella Rank: 40630	1 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1254	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1900	14 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 108	696 B
1	contentstack.io images.contentstack.io — Cisco Umbrella Rank: 15783	8 KB
132	38

	Domain	Requested by
18	static-www.elastic.co	www.elastic.co
18	www.elastic.co	www.elastic.co
5	px.ads.linkedin.com	3 redirects www.elastic.co
5	www.googletagmanager.com	www.elastic.co www.googletagmanager.com
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
3	js.driftt.com	www.elastic.co js.driftt.com
3	apm-proxy.app.elstc.co	www.elastic.co
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.elastic.co
2	www.facebook.com	www.elastic.co
2	visitor-scoring-c.marketlinc.com	www.elastic.co
2	pixels.spotify.com	www.elastic.co
2	x.clearbitjs.com	tag.clearbitscripts.com
2	api.company-target.com	www.elastic.co
2	id.rlcdn.com	2 redirects
2	10713890.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.elastic.co
2	analytics.google.com	www.elastic.co
2	munchkin.marketo.net	www.elastic.co munchkin.marketo.net
2	secure.adnxs.com	1 redirects www.elastic.co
2	connect.facebook.net	www.elastic.co connect.facebook.net
2	risk.clearbit.com	www.elastic.co
2	lift-ai-js.marketlinc.com	www.elastic.co lift-ai-js.marketlinc.com
2	www.redditstatic.com	www.googletagmanager.com www.elastic.co
2	www.google-analytics.com	www.googletagmanager.com www.elastic.co
2	logx.optimizely.com	www.elastic.co
2	cdn.iubenda.com	www.googletagmanager.com cdn.iubenda.com
2	info.elastic.co	www.elastic.co
2	cdn.optimizely.com	www.elastic.co
1	match.adsrvr.org	js.adsrvr.org
1	insight.adsrvr.org	1 redirects
1	www.google.com	www.elastic.co
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	app.clearbit.com	www.elastic.co
1	813-mam-392.mktoresp.com	munchkin.marketo.net
1	tag-logger.demandbase.com	www.elastic.co
1	ibc-flow.techtarget.com	www.elastic.co
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	tracking.crazyegg.com	script.crazyegg.com
1	segments.company-target.com	www.elastic.co
1	s.company-target.com	tag.demandbase.com
1	analytics.twitter.com	www.elastic.co
1	t.co	www.elastic.co
1	px4.ads.linkedin.com	www.elastic.co
1	www.linkedin.com	1 redirects
1	alb.reddit.com	www.elastic.co
1	pixel-config.reddit.com	www.elastic.co
1	ad.doubleclick.net	www.elastic.co
1	idb.iubenda.com	www.elastic.co
1	q.quora.com	www.elastic.co
1	trk.techtarget.com	www.elastic.co
1	pixel.byspotify.com	www.elastic.co
1	sjrtp2-cdn.marketo.com	www.elastic.co
1	js.adsrvr.org	www.googletagmanager.com
1	marketo.clearbit.com	www.elastic.co
1	tag.clearbitscripts.com	www.googletagmanager.com
1	tag.demandbase.com	www.elastic.co
1	static.ads-twitter.com	www.googletagmanager.com
1	a.quora.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	cs.iubenda.com	cdn.iubenda.com
1	a18132920325.cdn.optimizely.com	cdn.optimizely.com
1	fonts.googleapis.com	www.elastic.co
1	api.demandbase.com	cdn.optimizely.com
1	cdn3.optimizely.com	cdn.optimizely.com
1	tapi.optimizely.com	cdn.optimizely.com
1	images.contentstack.io	www.elastic.co
132	67

This site contains links to these domains. Also see Links.

Domain
cloud.elastic.co
partners.elastic.co
discuss.elastic.co
www.linkedin.com
www.youtube.com
www.facebook.com
www.twitter.com
github.com
jobs.elastic.co
login.elastic.co
secure.ethicspoint.com
ir.elastic.co
www.apache.org

Subject Issuer	Validity	Valid
www.elastic.co GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-06` - `2025-04-07`	a year	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
static-www.elastic.co GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-06` - `2025-04-07`	a year	crt.sh
*.contentstack.io Gandi RSA Domain Validation Secure Server CA 3	`2024-04-10` - `2025-05-04`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
tapi.optimizely.com WE1	`2024-06-21` - `2024-09-19`	3 months	crt.sh
cdn3.optimizely.com WE1	`2024-06-14` - `2024-09-12`	3 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-26`	a year	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
info.elastic.co Cloudflare Inc ECC CA-3	`2024-03-07` - `2024-12-31`	10 months	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2024-01-25` - `2025-01-27`	a year	crt.sh
*.iubenda.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-01` - `2025-03-03`	a year	crt.sh
logx.optimizely.com WR3	`2024-05-23` - `2024-08-21`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
quora.com R11	`2024-07-09` - `2024-10-07`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-23` - `2024-11-18`	6 months	crt.sh
script.crazyegg.com E1	`2024-06-03` - `2024-09-01`	3 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-08-23` - `2024-09-23`	a year	crt.sh
*.marketlinc.com Amazon RSA 2048 M03	`2024-01-05` - `2025-02-02`	a year	crt.sh
clearbitscripts.com Amazon RSA 2048 M03	`2024-05-11` - `2025-06-08`	a year	crt.sh
clearbit.com Amazon RSA 2048 M01	`2023-09-18` - `2024-10-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-19` - `2024-07-18`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
*.marketo.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
pixel.byspotify.com WR3	`2024-06-22` - `2024-09-20`	3 months	crt.sh
trk.techtarget.com GTS CA 1P5	`2024-05-24` - `2024-08-22`	3 months	crt.sh
*.quora.com R11	`2024-07-09` - `2024-10-07`	3 months	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-05-30` - `2024-11-26`	6 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
*.company-target.com R11	`2024-06-16` - `2024-09-14`	3 months	crt.sh
clearbitjs.com Amazon RSA 2048 M02	`2023-09-18` - `2024-10-17`	a year	crt.sh
crazyegg.com Amazon RSA 2048 M02	`2024-06-30` - `2025-07-30`	a year	crt.sh
*.spotify.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-05` - `2025-02-04`	a year	crt.sh
ibc-flow.techtarget.com WR3	`2024-07-02` - `2024-09-30`	3 months	crt.sh
*.demandbase.com Amazon RSA 2048 M02	`2024-06-10` - `2025-07-08`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
apm-proxy.app.elstc.co R3	`2024-05-16` - `2024-08-14`	3 months	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Frame ID: EFFC647F45AD31408DB7025C623E59CE
Requests: 117 HTTP requests in this frame

Frame: https://a18132920325.cdn.optimizely.com/client_storage/a18132920325.html
Frame ID: BF011B1D823C2974C1F946A7A6E8CF1B
Requests: 1 HTTP requests in this frame

Frame: https://10713890.fls.doubleclick.net/activityi;dc_pre=CM6EqJz1nocDFd7EwgQd030J6w;src=10713890;type=conve0;cat=uniqu0;ord=1;num=657006994795;npa=0;auiddc=612413751.1720698444;ps=1;pcor=1525720376;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9181781261z8865912973za201zb865912973;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball'
Frame ID: F214FF1EF1EF7BB6EAA0C029EACB3C53
Requests: 1 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0107/9541/site/www.elastic.co.json?t=1
Frame ID: 7BE177673F31267A820AE21293A000BB
Requests: 5 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 882CB20AD545D5FED00F05F6D5A66555
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=bciceyi&ref=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&upid=46vcaz5&upv=1.1.0
Frame ID: 5F0033B7E07E2837C5D191BF2573D5E0
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=c3ugtv46u366&eId=c3ugtv46u366&region=US&forceShow=false&skipCampaigns=false&sessionId=ce5c04f7-a06f-4405-a552-a4f3cfdea281&sessionStarted=1720698449.149&campaignRefreshToken=dbd640ed-546a-4743-94b0-4e92464cc8a1&hideController=false&pageLoadStartTime=1720698441075&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27
Frame ID: FA18B50A2862FBC60B720CB4318F46D3
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1720698441075
Frame ID: 7EFBE20A1A326B19669CB896A4483CFC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free and Open Search: The Creators of Elasticsearch, ELK & Kibana | Elastic

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Iubenda (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

iubenda\.com/cookie-solution/confs/js/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Page Statistics

132
Requests

95 %
HTTPS

34 %
IPv6

38
Domains

67
Subdomains

64
IPs

3
Countries

2455 kB
Transfer

7347 kB
Size

75
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://cloud.elastic.co/
Title: Login

Search URL Search Domain Scan URL

URL: https://cloud.elastic.co/registration
Title: Start free trial

Search URL Search Domain Scan URL

URL: https://partners.elastic.co/findapartner/
Title: Find a partner

Search URL Search Domain Scan URL

URL: https://discuss.elastic.co/
Title: Forum

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/elastic-co

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/elasticsearch

Search URL Search Domain Scan URL

URL: https://www.facebook.com/elastic.co

Search URL Search Domain Scan URL

URL: https://www.twitter.com/elastic

Search URL Search Domain Scan URL

URL: https://github.com/elastic

Search URL Search Domain Scan URL

URL: https://jobs.elastic.co/#/
Title: Career portal

Search URL Search Domain Scan URL

URL: https://login.elastic.co/login/partner
Title: Partner login

Search URL Search Domain Scan URL

URL: https://partners.elastic.co/English/register_email.aspx
Title: Request access

Search URL Search Domain Scan URL

URL: https://secure.ethicspoint.com/domain/media/en/gui/74447/index.html
Title: EthicsPoint portal

Search URL Search Domain Scan URL

URL: https://ir.elastic.co/home/default.aspx
Title: Investor resources

Search URL Search Domain Scan URL

URL: https://ir.elastic.co/governance/corporate-governance/default.aspx
Title: Governance

Search URL Search Domain Scan URL

URL: https://ir.elastic.co/financials/quarterly-results/default.aspx
Title: Financials

Search URL Search Domain Scan URL

URL: https://ir.elastic.co/stock/stock-quote/default.aspx
Title: Stock

Search URL Search Domain Scan URL

URL: https://www.apache.org/
Title: Apache Software Foundation

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://secure.adnxs.com/seg?t=1&add=35414607 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D1%26add%3D35414607

Request Chain 74

https://10713890.fls.doubleclick.net/activityi;src=10713890;type=conve0;cat=uniqu0;ord=1;num=657006994795;npa=0;auiddc=612413751.1720698444;ps=1;pcor=1525720376;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9181781261z8865912973za201zb865912973;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball' HTTP 302
https://10713890.fls.doubleclick.net/activityi;dc_pre=CM6EqJz1nocDFd7EwgQd030J6w;src=10713890;type=conve0;cat=uniqu0;ord=1;num=657006994795;npa=0;auiddc=612413751.1720698444;ps=1;pcor=1525720376;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9181781261z8865912973za201zb865912973;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball'

Request Chain 81

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=25986&time=1720698444134&url=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=25986&time=1720698444134&url=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D25986%26time%3D1720698444134%26url%3Dhttps%253A%252F%252Fwww.elastic.co%252Fblog%252Fhow-hunt-masquerade-ball%2527%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=25986&time=1720698444134&url=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=25986&time=1720698444134&url=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&cookiesTest=true&liSync=true&e_ipv6=AQIFzn4jgw6BowAAAZChnp4WxpmMmSPhfjfbLEa5gi8lhh9kpl-WMyvGUXnm3jzE4XOItw

Request Chain 88

https://id.rlcdn.com/464526.gif HTTP 307
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCMyMv7QGEgUI6AcQAEIASgA HTTP 307
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297DRr05b8hZrnfuaaCYckCKRZWplzVua-85JD_Ll48knM

Request Chain 119

https://insight.adsrvr.org/track/up?adv=bciceyi&ref=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&upid=46vcaz5&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=bciceyi&ref=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&upid=46vcaz5&upv=1.1.0

132 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request how-hunt-masquerade-ball' Show response
www.elastic.co/blog/ 255 KB
46 KB 581ms
403ms Document
text/html 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server / Next.js

Resource Hash

f1de032c434c6304a206f36f19a7a756b0eddc6f770b7760cffe9e87fed49f6c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
content-type: text/html; charset=utf-8
date: Thu, 11 Jul 2024 11:47:21 GMT
etag: "174evt2hwde5l6k"
euid: 55fe455e-b2f7-4b6c-9ef4-133b6b1b2412
flags
optifs: undefined
referrer-policy: strict-origin-when-cross-origin
server: my-server
strict-transport-security: max-age=0
vary: Accept-Language, X-Change-Language, flags, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-change-language: true
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-powered-by: Next.js
x-served-by: cache-bfi-krnt7300094-BFI, cache-mia-kmia1760076-MIA
x-timer: S1720698441.657254,VS0,VE373
x-xss-protection: 1; mode=block

GET
H2 200 18132920325.js Show response
cdn.optimizely.com/js/ 1 MB
214 KB 289ms
75ms Script
text/javascript 2600:1408:c400:38c::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/18132920325.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:38c::13b8 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

22a49386a872203f459ecf59a84e13a68142f70639ab2258680f44e85fd09fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: W_CdUptjmbzqIevPCFSvdq8nEDHUMIFg
content-encoding: br
date: Thu, 11 Jul 2024 11:47:21 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: YBY3XHXKH8D4VDR4
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 19972
x-amz-replication-status: PENDING
server-timing: cdn-cache; desc=HIT, edge; dur=15, origin; dur=0, cdn;desc="AkamaiION";dur=0,rtt;desc="55";dur=0,cdnip;desc="2600:1408:c400:38c::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1720698441238_400219279_938960386_1581_1727_55_60_219";dur=1
content-length: 217920
x-amz-id-2: c+tBCyq5GeC1NCTdbWU7fomiN8YrKygM+7/gBAGhKLy1bRL8zZ1zEf4nv0jY3p8NPW85fFRnPxw=
last-modified: Thu, 11 Jul 2024 09:53:57 GMT
server: AmazonS3
etag: "1ecd576b8ce55566d4ba2d9c171fb39d"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 113994dc6c62e4f0.css
www.elastic.co/_next/static/css/ 569 KB
76 KB 100ms
99ms Stylesheet
text/css 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/_next/static/css/113994dc6c62e4f0.css

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

3b6718815387fed6eb6dc66171793aace9e8553fd871ac55706ba7f517062702

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elastic.co/blog/how-hunt-masquerade-ball'
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 varnish, 1.1 varnish
date: Thu, 11 Jul 2024 11:47:21 GMT
age: 2656
x-dns-prefetch-control: off
x-cache: HIT, MISS
flags
euid: 55fe455e-b2f7-4b6c-9ef4-133b6b1b2412
optifs: undefined
x-xss-protection: 1; mode=block
x-change-language: true
x-served-by: cache-bfi-kbfi7400046-BFI, cache-mia-kmia1760076-MIA
content-length: 78020
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 11 Jul 2024 10:40:44 GMT
server: my-server
x-timer: S1720698441.074506,VS0,VE69
etag: W/"8e3f7-190a1618fe0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Language, X-Change-Language, flags, Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 3, 0

GET
H2 200 webpack-58f32fb4d94c1706.js Show response
www.elastic.co/_next/static/chunks/ 28 KB
14 KB 99ms
99ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/_next/static/chunks/webpack-58f32fb4d94c1706.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

d5c17953295bb977d6fb3cb53ff2abec93be7a954bcc6fd38823f320c77b0714

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elastic.co/blog/how-hunt-masquerade-ball'
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 varnish, 1.1 varnish
date: Thu, 11 Jul 2024 11:47:21 GMT
age: 2656
x-dns-prefetch-control: off
x-cache: HIT, MISS
flags
euid: 55fe455e-b2f7-4b6c-9ef4-133b6b1b2412
optifs: undefined
x-xss-protection: 1; mode=block
x-change-language: true
x-served-by: cache-bfi-kbfi7400022-BFI, cache-mia-kmia1760076-MIA
content-length: 13306
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 11 Jul 2024 10:40:44 GMT
server: my-server
x-timer: S1720698441.308770,VS0,VE69
etag: W/"705f-190a1618fe0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Language, X-Change-Language, flags, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 4, 0

GET
H2 200 framework-777eaea61c44dd56.js Show response
www.elastic.co/_next/static/chunks/ 127 KB
41 KB 104ms
104ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/_next/static/chunks/framework-777eaea61c44dd56.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

2904795fe5a1b2f28d02857acb595b29c909bbde97a82c35a540ca66624ba409

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elastic.co/blog/how-hunt-masquerade-ball'
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 varnish, 1.1 varnish
date: Thu, 11 Jul 2024 11:47:21 GMT
age: 2637
x-dns-prefetch-control: off
x-cache: HIT, MISS
flags
euid: 55fe455e-b2f7-4b6c-9ef4-133b6b1b2412
optifs: undefined
x-xss-protection: 1; mode=block
x-change-language: true
x-served-by: cache-bfi-krnt7300061-BFI, cache-mia-kmia1760076-MIA
content-length: 42166
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 11 Jul 2024 10:40:45 GMT
server: my-server
x-timer: S1720698441.411382,VS0,VE72
etag: W/"1fbb4-190a16193c8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Language, X-Change-Language, flags, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 220, 0

GET
H2 200 main-67c94ab4410f6ed6.js Show response
www.elastic.co/_next/static/chunks/ 74 KB
23 KB 101ms
100ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/_next/static/chunks/main-67c94ab4410f6ed6.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

36fb76e8cf1709aa14f1ff86437298b610d521df026cc17e421d8fb57ed0a895

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elastic.co/blog/how-hunt-masquerade-ball'
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 varnish, 1.1 varnish
date: Thu, 11 Jul 2024 11:47:21 GMT
age: 2637
x-dns-prefetch-control: off
x-cache: HIT, MISS
flags
euid: 55fe455e-b2f7-4b6c-9ef4-133b6b1b2412
optifs: undefined
x-xss-protection: 1; mode=block
x-change-language: true
x-served-by: cache-bfi-kbfi7400096-BFI, cache-mia-kmia1760076-MIA
content-length: 23314
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 11 Jul 2024 10:40:44 GMT
server: my-server
x-timer: S1720698442.526668,VS0,VE69
etag: W/"12880-190a1618fe0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Language, X-Change-Language, flags, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 219, 0

GET
H2 200 _app-85ab9ab0521da712.js Show response
www.elastic.co/_next/static/chunks/pages/ 907 KB
259 KB 103ms
102ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

37bb75771d4f694416c5f62b36cc9d8454f939dc4e7a9778afa7cfbca7c0be2e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elastic.co/blog/how-hunt-masquerade-ball'
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 varnish, 1.1 varnish
date: Thu, 11 Jul 2024 11:47:21 GMT
age: 2656
x-dns-prefetch-control: off
x-cache: HIT, MISS
flags
euid: 55fe455e-b2f7-4b6c-9ef4-133b6b1b2412
optifs: undefined
x-xss-protection: 1; mode=block
x-change-language: true
x-served-by: cache-bfi-kbfi7400020-BFI, cache-mia-kmia1760076-MIA
content-length: 264803
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 11 Jul 2024 10:40:44 GMT
server: my-server
x-timer: S1720698442.566376,VS0,VE72
etag: W/"e2de3-190a1618fe0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Language, X-Change-Language, flags, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 404-ad48309031b7e6ac.js Show response
www.elastic.co/_next/static/chunks/pages/ 412 B
1006 B 117ms
103ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/_next/static/chunks/pages/404-ad48309031b7e6ac.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

65481feeb098e544cb51f30dcacb1907a6f5d3193808eed442ee4f5b4d6b2cf5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elastic.co/blog/how-hunt-masquerade-ball'
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 varnish, 1.1 varnish
date: Thu, 11 Jul 2024 11:47:22 GMT
age: 2519
x-dns-prefetch-control: off
x-cache: HIT, MISS
flags
euid: 55fe455e-b2f7-4b6c-9ef4-133b6b1b2412
optifs: undefined
x-xss-protection: 1; mode=block
x-change-language: true
x-served-by: cache-bfi-krnt7300031-BFI, cache-mia-kmia1760076-MIA
content-length: 283
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 11 Jul 2024 10:40:44 GMT
server: my-server
x-timer: S1720698442.023713,VS0,VE72
etag: W/"19c-190a1618fe0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Language, X-Change-Language, flags, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 3, 0

GET
H2 200 _buildManifest.js Show response
www.elastic.co/_next/static/N-KILWDBab4_fv1q3v7dQ/ 8 KB
3 KB 115ms
102ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/_next/static/N-KILWDBab4_fv1q3v7dQ/_buildManifest.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

9c2bb98a325220b6514e63f8c7732fd40665eb27219374c4aa271923d787c464

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elastic.co/blog/how-hunt-masquerade-ball'
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 varnish, 1.1 varnish
date: Thu, 11 Jul 2024 11:47:22 GMT
age: 2657
x-dns-prefetch-control: off
x-cache: HIT, MISS
flags
euid: 55fe455e-b2f7-4b6c-9ef4-133b6b1b2412
optifs: undefined
x-xss-protection: 1; mode=block
x-change-language: true
x-served-by: cache-bfi-krnt7300050-BFI, cache-mia-kmia1760076-MIA
content-length: 2593
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 11 Jul 2024 10:40:44 GMT
server: my-server
x-timer: S1720698442.023713,VS0,VE71
etag: W/"20de-190a1618fe0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Language, X-Change-Language, flags, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 4, 0

GET
H2 200 _ssgManifest.js Show response
www.elastic.co/_next/static/N-KILWDBab4_fv1q3v7dQ/ 77 B
784 B 112ms
99ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/_next/static/N-KILWDBab4_fv1q3v7dQ/_ssgManifest.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elastic.co/blog/how-hunt-masquerade-ball'
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 varnish, 1.1 varnish
date: Thu, 11 Jul 2024 11:47:22 GMT
age: 2656
x-dns-prefetch-control: off
x-cache: HIT, MISS
flags
euid: 55fe455e-b2f7-4b6c-9ef4-133b6b1b2412
optifs: undefined
x-xss-protection: 1; mode=block
x-change-language: true
x-served-by: cache-bfi-kbfi7400115-BFI, cache-mia-kmia1760076-MIA
content-length: 67
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 11 Jul 2024 10:40:44 GMT
server: my-server
x-timer: S1720698442.023697,VS0,VE69
etag: W/"4d-190a1618fe0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Language, X-Change-Language, flags, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 6, 0

GET
H2 200 nav-platform.png
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/bltb72b02d269f3201a/6643847599f5a8667dc35ac7/ 44 KB
45 KB 168ms
31ms Image
image/png 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/bltb72b02d269f3201a/6643847599f5a8667dc35ac7/nav-platform.png
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 64fd3f7c1f3f05093090f950a257c22e2bcb2edcb9d34e8eda156269acfc0196

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:21 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300705
age: 1779673
x-cache: HIT, HIT, HIT
fastly-io-info: ifsz=48119 idim=720x420 ifmt=png ofsz=45268 odim=720x420 ofmt=png
content-disposition: inline; filename=nav-platform.png
fastly-stats: io=1
content-length: 45268
x-request-id: 6aea1f0f66c0dc591cedb33e5962f4ef
x-served-by: cache-sjc10028-SJC, cache-bfi-krnt7300119-BFI, cache-mia-kmia1760034-MIA
x-runtime: 75ms
server: contentstack
x-timer: S1720698441.210512,VS0,VE1
x-contentstack-organization: blte0c820e234b5b1e5
etag: "l+Jgy7jgX3BW6DF2UIRwLZpXfWQuvluJLeUwb/UxHPE"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.bltb72b02d269f3201a.download
accept-ranges: bytes
x-cache-hits: 3, 12, 0

GET
H2 200 logo-stack-32-color.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt0090c6239e64faf8/62aa0980c949fd5059e8aebc/ 379 B
867 B 167ms
30ms Image
image/svg+xml 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt0090c6239e64faf8/62aa0980c949fd5059e8aebc/logo-stack-32-color.svg
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 30827b15c369c38b972105fb55c83ec0e72ebc11071f35ffeefd3fd7eaa2a54b

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:21 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
content-encoding: gzip
fastly-io-served-by: vpop-haf2300706
age: 676155
x-cache: HIT, HIT, HIT
content-disposition: inline; filename=logo-stack-32-color.svg
fastly-stats: io=1
content-length: 243
x-request-id: 02d4dc9eeb60c0aba748fe0f07bde9ed
x-served-by: cache-sjc10042-SJC, cache-bfi-krnt7300118-BFI, cache-mia-kmia1760034-MIA
x-runtime: 71ms
server: contentstack
x-timer: S1720698441.210428,VS0,VE1
x-contentstack-organization: blte0c820e234b5b1e5
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blt0090c6239e64faf8.download
accept-ranges: bytes
x-cache-hits: 17, 16, 0

GET
H2 200 logo-cloud-24-color.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/bltdb0f38c35ae455dc/5d07f086877575d0584760a3/ 2 KB
1 KB 31ms
31ms Image
image/svg+xml 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/bltdb0f38c35ae455dc/5d07f086877575d0584760a3/logo-cloud-24-color.svg
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 7ca480b9b77f0deec726cf870d050b83a624217f099a39db027f66b605376112

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:21 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
content-encoding: gzip
fastly-io-served-by: vpop-haf2300705
age: 1774544
x-cache: HIT, HIT, HIT
content-disposition: inline; filename=logo-cloud-24-color.svg
fastly-stats: io=1
content-length: 829
x-request-id: 4ef03f33d21e99f9f4c30527e02f8f06
x-served-by: cache-sjc10068-SJC, cache-bfi-krnt7300119-BFI, cache-mia-kmia1760034-MIA
x-runtime: 66ms
server: contentstack
x-timer: S1720698441.242765,VS0,VE1
x-contentstack-organization: blte0c820e234b5b1e5
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.bltdb0f38c35ae455dc.download
accept-ranges: bytes
x-cache-hits: 18, 1, 0

GET
H2 200 logo-enterprise-search-32-color.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt549f7d977c2a88f4/5d082d34616162aa5a85707d/ 2 KB
1 KB 32ms
31ms Image
image/svg+xml 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt549f7d977c2a88f4/5d082d34616162aa5a85707d/logo-enterprise-search-32-color.svg
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 128de7d0d5b2541873587ab687c13251b9a8a8919bf03036fb2ad4df3ed9fa1a

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:21 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
content-encoding: gzip
fastly-io-served-by: vpop-haf2300706
age: 2405643
x-cache: HIT, HIT, HIT
content-disposition: inline; filename=logo-enterprise-search-32-color.svg
fastly-stats: io=1
content-length: 819
x-request-id: 9b67c91868880577d287a7defe50f327
x-served-by: cache-sjc10061-SJC, cache-bfi-krnt7300114-BFI, cache-mia-kmia1760034-MIA
x-runtime: 122ms
server: contentstack
x-timer: S1720698441.274032,VS0,VE1
x-contentstack-organization: blte0c820e234b5b1e5
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blt549f7d977c2a88f4.download
accept-ranges: bytes
x-cache-hits: 1, 3, 0

GET
H2 200 logo-security-32-color.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/bltf58b7c8e04706979/5e20f1a8132ead1155e8d0a4/ 915 B
792 B 31ms
31ms Image
image/svg+xml 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/bltf58b7c8e04706979/5e20f1a8132ead1155e8d0a4/logo-security-32-color.svg
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: c4e3e359a856ad0a1976b66c934301135a3e85ccf8f0353da823f385bc4d23b9

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:21 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
content-encoding: gzip
fastly-io-served-by: vpop-haf2300708
age: 1383591
x-cache: HIT, HIT, HIT
content-disposition: inline; filename=logo-security-32-color.svg
fastly-stats: io=1
content-length: 511
x-request-id: e1d859d5f984491ef7748394a01972d8
x-served-by: cache-sjc1000085-SJC, cache-bfi-kbfi7400037-BFI, cache-mia-kmia1760034-MIA
x-runtime: 81ms
server: contentstack
x-timer: S1720698441.275913,VS0,VE1
x-contentstack-organization: blte0c820e234b5b1e5
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.bltf58b7c8e04706979.download
accept-ranges: bytes
x-cache-hits: 183, 0, 0

GET
H2 200 logo-observability-32-color.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/bltbf6ba0d0e0e1e5ab/5e20f19a2aa8e40a75136318/ 854 B
1 KB 44ms
29ms Image
image/svg+xml 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/bltbf6ba0d0e0e1e5ab/5e20f19a2aa8e40a75136318/logo-observability-32-color.svg
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: df4bc968515a2d2e12f42248a74536e1eef5beea7bf3b8b511e62296989040fd

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:22 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
content-encoding: gzip
fastly-io-served-by: vpop-haf2300710
age: 191317
x-cache: HIT, HIT, HIT
content-disposition: inline; filename=logo-observability-32-color.svg
fastly-stats: io=1
content-length: 500
x-request-id: 2835b196999c3ee51762c60ccac47fb2
x-served-by: cache-sjc10046-SJC, cache-bfi-krnt7300029-BFI, cache-mia-kmia1760034-MIA
x-runtime: 108ms
server: contentstack
x-timer: S1720698442.024061,VS0,VE1
x-contentstack-organization: blte0c820e234b5b1e5
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.bltbf6ba0d0e0e1e5ab.download
accept-ranges: bytes
x-cache-hits: 15, 0, 0

GET
H2 200 icon-checkmark-decorative-border.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/bltacc5e178e52f430e/647ccc7b6be35fb5eabd2100/ 2 KB
2 KB 47ms
33ms Image
image/svg+xml 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/bltacc5e178e52f430e/647ccc7b6be35fb5eabd2100/icon-checkmark-decorative-border.svg
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 530cac6c10c3d23af5d4a730320f81d2afdd5b0632165cb3c122db6988d7926c

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:22 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
content-encoding: gzip
fastly-io-served-by: vpop-haf2300712
age: 771378
x-cache: MISS, HIT, HIT
content-disposition: inline; filename=icon-checkmark-decorative-border.svg
fastly-stats: io=1
content-length: 1846
x-request-id: e0d8f98a5754ba450261cc901ad8000b
x-served-by: cache-sjc10030-SJC, cache-bfi-krnt7300024-BFI, cache-mia-kmia1760034-MIA
x-runtime: 97ms
server: contentstack
x-timer: S1720698442.024403,VS0,VE1
x-contentstack-organization: blte0c820e234b5b1e5
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.bltacc5e178e52f430e.download
accept-ranges: bytes
x-cache-hits: 0, 0, 0

GET
H2 200 icon-briefcase.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt9f634b6f74878698/647ccc625637890f19859454/ 2 KB
1 KB 44ms
30ms Image
image/svg+xml 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt9f634b6f74878698/647ccc625637890f19859454/icon-briefcase.svg
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 9607942e266bb8193783f8bea0310a334d05c2161520a8ca23816e5956df8a1b

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:22 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
content-encoding: gzip
fastly-io-served-by: vpop-haf2300705
age: 191317
x-cache: HIT, HIT, HIT
content-disposition: inline; filename=icon-briefcase.svg
fastly-stats: io=1
content-length: 1149
x-request-id: 35470c4d112819278db6dbf22d00126e
x-served-by: cache-sjc10074-SJC, cache-bfi-kbfi7400031-BFI, cache-mia-kmia1760034-MIA
x-runtime: 83ms
server: contentstack
x-timer: S1720698442.024356,VS0,VE1
x-contentstack-organization: blte0c820e234b5b1e5
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blt9f634b6f74878698.download
accept-ranges: bytes
x-cache-hits: 1, 0, 0

GET
H2 200 logo-nav-dropdown-48x48-cisco.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt652fec920f2b1a14/650c1d87aa86c13fa1cc288c/ 63 KB
48 KB 53ms
38ms Image
image/svg+xml 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt652fec920f2b1a14/650c1d87aa86c13fa1cc288c/logo-nav-dropdown-48x48-cisco.svg
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: f79982f09db7b58d3da73047b535f2b13ec64294e3339442aca9833b08e82901

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:22 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
content-encoding: gzip
fastly-io-served-by: vpop-haf2300705
age: 1991621
x-cache: MISS, HIT, HIT
content-disposition: inline; filename=logo-nav-dropdown-48x48-cisco.svg
fastly-stats: io=1
content-length: 48307
x-request-id: dc3423c917be3d97e410b847216cc3f8
x-served-by: cache-sjc10081-SJC, cache-bfi-krnt7300052-BFI, cache-mia-kmia1760034-MIA
x-runtime: 82ms
server: contentstack
x-timer: S1720698442.025048,VS0,VE1
x-contentstack-organization: blte0c820e234b5b1e5
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blt652fec920f2b1a14.download
accept-ranges: bytes
x-cache-hits: 0, 0, 0

GET
H2 200 logo-dropdown-48x48-sitecore.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blte788c0f923f209a3/668c49f5534bb913eb26e9e8/ 5 KB
2 KB 72ms
58ms Image
image/svg+xml 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blte788c0f923f209a3/668c49f5534bb913eb26e9e8/logo-dropdown-48x48-sitecore.svg
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: b2fcad0da1fac1591660d7fd76e835502e448336c3629498b769f86248950041

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:22 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
content-encoding: gzip
fastly-io-served-by: vpop-haf2300714
age: 228436
x-cache: HIT, HIT, HIT
content-disposition: inline; filename=logo-dropdown-48x48-sitecore.svg
fastly-stats: io=1
content-length: 2071
x-request-id: 7e64221249b022242ae6a7b85e43d11d
x-served-by: cache-sjc1000133-SJC, cache-bfi-kbfi7400102-BFI, cache-mia-kmia1760034-MIA
x-runtime: 56ms
server: contentstack
x-timer: S1720698442.025106,VS0,VE1
x-contentstack-organization: blte0c820e234b5b1e5
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blte788c0f923f209a3.download
accept-ranges: bytes
x-cache-hits: 1, 7, 0

GET
H2 200 logo-nav-dropdown-48x48-comcast.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt90a52ed02808cbc1/650c1dadb25642d90add1e4e/ 47 KB
33 KB 46ms
32ms Image
image/svg+xml 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt90a52ed02808cbc1/650c1dadb25642d90add1e4e/logo-nav-dropdown-48x48-comcast.svg
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: b8291ac2cef05851c83bd2aa96f90317064e6559d0ffa372a0932175ee9897d5

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:22 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
content-encoding: gzip
fastly-io-served-by: vpop-haf2300705
age: 1397329
x-cache: MISS, HIT, HIT
content-disposition: inline; filename=logo-nav-dropdown-48x48-comcast.svg
fastly-stats: io=1
content-length: 33880
x-request-id: 22be9f896c240a9a4c8c9325ea1d4e8e
x-served-by: cache-sjc1000084-SJC, cache-bfi-kbfi7400036-BFI, cache-mia-kmia1760034-MIA
x-runtime: 160ms
server: contentstack
x-timer: S1720698442.024940,VS0,VE0
x-contentstack-organization: blte0c820e234b5b1e5
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blt90a52ed02808cbc1.download
accept-ranges: bytes
x-cache-hits: 0, 0, 0

GET
H2 200 icon-code-self-closing.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt96bf0c70d7851e7d/64b6cd8378402d4f9cc28b43/ 2 KB
2 KB 51ms
38ms Image
image/svg+xml 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt96bf0c70d7851e7d/64b6cd8378402d4f9cc28b43/icon-code-self-closing.svg
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: c667ab2f123ed450a52309995bfe1a4dcd6c62dc63fad468db86f621b6afd68c

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:22 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
content-encoding: gzip
fastly-io-served-by: vpop-haf2300712
age: 773584
x-cache: MISS, HIT, HIT
content-disposition: inline; filename=icon-code-self-closing.svg
fastly-stats: io=1
content-length: 1419
x-request-id: 52bf8664aba509ee860ce8216aa666f7
x-served-by: cache-sjc1000101-SJC, cache-bfi-krnt7300097-BFI, cache-mia-kmia1760034-MIA
x-runtime: 74ms
server: contentstack
x-timer: S1720698442.024929,VS0,VE1
x-contentstack-organization: blte0c820e234b5b1e5
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blt96bf0c70d7851e7d.download
accept-ranges: bytes
x-cache-hits: 0, 0, 0

GET
H2 200 logo-tagline_secondary_all_white-177.svg
images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/bltf8467a95eaa27e4a/6638d7da0d02e4e98155aaa3/ 18 KB
8 KB 206ms
30ms Image
image/svg+xml 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/bltf8467a95eaa27e4a/6638d7da0d02e4e98155aaa3/logo-tagline_secondary_all_white-177.svg
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: be8c45598c314d84a7d25f73fbb801c1e7e5eba32b047ee68543f033c912bdaa

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:22 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
content-encoding: gzip
fastly-io-served-by: vpop-haf2300710
age: 677131
x-cache: HIT, HIT
content-disposition: inline; filename=logo-tagline_secondary_all_white-177.svg
fastly-stats: io=1
content-length: 7839
x-request-id: 674b256ee2b8072e8801d506370b0b0c
x-served-by: cache-sjc10062-SJC, cache-mia-kmia1760067-MIA
x-runtime: 97ms
server: contentstack
x-timer: S1720698442.189236,VS0,VE0
x-contentstack-organization: blte0c820e234b5b1e5
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 34, 5

GET
H2 200 footer-icon-linkedin.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blte7cfb1a091901ce1/5eb00c925751b2150e57a9d6/ 1 KB
1 KB 51ms
39ms Image
image/svg+xml 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blte7cfb1a091901ce1/5eb00c925751b2150e57a9d6/footer-icon-linkedin.svg
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 410e2467e40d82041d4d061ecee6e853250746292ed79aecc066234921b854f6

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:22 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
content-encoding: gzip
fastly-io-served-by: vpop-haf2300711
age: 1997098
x-cache: HIT, HIT, HIT
content-disposition: inline; filename=footer-icon-linkedin.svg
fastly-stats: io=1
content-length: 729
x-request-id: f40626376ea609348c3e007a78080d75
x-served-by: cache-sjc10038-SJC, cache-bfi-krnt7300055-BFI, cache-mia-kmia1760034-MIA
x-runtime: 70ms
server: contentstack
x-timer: S1720698442.024921,VS0,VE1
x-contentstack-organization: blte0c820e234b5b1e5
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blte7cfb1a091901ce1.download
accept-ranges: bytes
x-cache-hits: 2, 0, 0

GET
H2 200 footer-icon-youtube.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt7c28b18be98b1af8/5eb00ca908d37e6d82ef7655/ 2 KB
1 KB 44ms
32ms Image
image/svg+xml 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt7c28b18be98b1af8/5eb00ca908d37e6d82ef7655/footer-icon-youtube.svg
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 27b0b70722f00843062f450be0dbe797a3dea123fb8427b190ea75c97cd2d1e2

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:22 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
content-encoding: gzip
fastly-io-served-by: vpop-haf2300701
age: 187960
x-cache: HIT, HIT, HIT
content-disposition: inline; filename=footer-icon-youtube.svg
fastly-stats: io=1
content-length: 843
x-request-id: 8c1d88f9d898eb7b7e968e5390bcd178
x-served-by: cache-sjc10068-SJC, cache-bfi-kbfi7400084-BFI, cache-mia-kmia1760034-MIA
x-runtime: 120ms
server: contentstack
x-timer: S1720698442.024852,VS0,VE0
x-contentstack-organization: blte0c820e234b5b1e5
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blt7c28b18be98b1af8.download
accept-ranges: bytes
x-cache-hits: 4, 0, 0

GET
H2 200 footer-icon-facebook.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt75566c5278ad68da/5eb00c59d238e314f259fbea/ 1 KB
1 KB 45ms
34ms Image
image/svg+xml 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt75566c5278ad68da/5eb00c59d238e314f259fbea/footer-icon-facebook.svg
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: b5ba1c490f21a75341ba57f563d231ff7b466222da8ba7364c5ebe5705c7b4b8

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:22 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
content-encoding: gzip
fastly-io-served-by: vpop-haf2300714
age: 1903007
x-cache: MISS, HIT, HIT
content-disposition: inline; filename=footer-icon-facebook.svg
fastly-stats: io=1
content-length: 580
x-request-id: 4fa27b0fe4c881fabf6e17ab417035c2
x-served-by: cache-sjc1000135-SJC, cache-bfi-kbfi7400056-BFI, cache-mia-kmia1760034-MIA
x-runtime: 79ms
server: contentstack
x-timer: S1720698442.024857,VS0,VE1
x-contentstack-organization: blte0c820e234b5b1e5
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blt75566c5278ad68da.download
accept-ranges: bytes
x-cache-hits: 0, 0, 0

GET
H2 200 footer-icon-twitter.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt341fed86979a9fbb/5eb00c76b8a6356e4ddc1180/ 3 KB
2 KB 70ms
59ms Image
image/svg+xml 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt341fed86979a9fbb/5eb00c76b8a6356e4ddc1180/footer-icon-twitter.svg
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: c8b428cc3366b0b2cf2d6b7e5fd1be1416fe411777526095dfae2c0a5d9967f6

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:22 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
content-encoding: gzip
fastly-io-served-by: vpop-haf2300704
age: 1304766
x-cache: MISS, HIT, HIT
content-disposition: inline; filename=footer-icon-twitter.svg
fastly-stats: io=1
content-length: 1379
x-request-id: d8786203b920e996c7aea57f25284f14
x-served-by: cache-sjc10022-SJC, cache-bfi-kbfi7400090-BFI, cache-mia-kmia1760034-MIA
x-runtime: 91ms
server: contentstack
x-timer: S1720698442.052760,VS0,VE1
x-contentstack-organization: blte0c820e234b5b1e5
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blt341fed86979a9fbb.download
accept-ranges: bytes
x-cache-hits: 0, 0, 0

GET
H2 200 icon-footer-github.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt6ef5841a45696d80/64ca2a6fc530871313bc3822/ 1 KB
912 B 70ms
59ms Image
image/svg+xml 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt6ef5841a45696d80/64ca2a6fc530871313bc3822/icon-footer-github.svg
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 6e8d47fed7e719c4409a31be2bf0e4acbdd21d5b863b77181be4029b399a139a

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:22 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
content-encoding: gzip
fastly-io-served-by: vpop-haf2300714
age: 1403588
x-cache: MISS, HIT, HIT
content-disposition: inline; filename=icon-footer-github.svg
fastly-stats: io=1
content-length: 643
x-request-id: 33a739bbbab7b8eddde9940b47b16926
x-served-by: cache-sjc10050-SJC, cache-bfi-krnt7300048-BFI, cache-mia-kmia1760034-MIA
x-runtime: 92ms
server: contentstack
x-timer: S1720698442.052752,VS0,VE2
x-contentstack-organization: blte0c820e234b5b1e5
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blt6ef5841a45696d80.download
accept-ranges: bytes
x-cache-hits: 0, 0, 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 261 KB
81 KB 231ms
69ms Script
application/javascript 2607:f8b0:4004:c21::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-58RLH5

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a59d52f17d7a26549fcd8f2c3e1057b6f851a7809002e3764d73518a7c234ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82418
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Jul 2024 11:47:22 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 445 KB
131 KB 342ms
181ms Script
application/javascript 2607:f8b0:4004:c21::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f39985eb9c514632a3f01514b3539d95207d0a73ff359000ae443f897759da8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134469
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Jul 2024 11:47:22 GMT

GET
H2 200 18132920325 Show response
tapi.optimizely.com/api/js/odds/project/ 5 KB
988 B 273ms
156ms XHR
application/json 2606:4700::6812:e1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tapi.optimizely.com/api/js/odds/project/18132920325?project=18132920325&c_euid=55fe455e-b2f7-4b6c-9ef4-133b6b1b2412
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/18132920325.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6db58d67e093aa0acd75584edd845d2de2be33a588fc22d9c64873fbf833e5f0

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Jul 2024 11:47:22 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elastic.co
access-control-allow-credentials: true
cf-ray: 8a188eeebf0a742e-MIA

GET
H2 200 geo4.js Show response
cdn3.optimizely.com/js/ 307 B
323 B 143ms
54ms Script
application/javascript 104.18.30.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.optimizely.com/js/geo4.js
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/18132920325.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e436bacf043e5b336d1474581e212c7f5f6fc2529bd20db37b01169f50fa7a8

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:22 GMT
content-encoding: br
server: cloudflare
cf-ray: 8a188eef29cf7434-MIA
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200
OK ip.json Show response
api.demandbase.com/api/v2/ 4 KB
2 KB 265ms
86ms Script
application/javascript 52.85.132.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.demandbase.com/api/v2/ip.json?key=KYDN0LSk0dG01e5rGpSIc2M3pBbb53vxi8a7pwkv&callback=optimizely_demandbase

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/18132920325.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.132.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-132-61.iad50.r.cloudfront.net

Software

nginx /

Resource Hash

f81ff0361ff937b97dc45577155d36d46065e921d68f034cc874a71b65774e30

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 11 Jul 2024 11:47:22 GMT
Identification-Source: CENTRAL
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Via: 1.1 07b0e28d0c589c8a26610bbc5dcd660a.cloudfront.net (CloudFront)
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Amz-Cf-Pop: IAD50-C2
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Request-ID: 49da68fc-a98d-486c-9a49-59e469923c2c
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding, Origin
Content-Type: application/javascript;charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
Api-Version: v2
X-Amz-Cf-Id: 8bp8I-WrKUaK2F9VxWJbc346n-lrAj2Qb4eOgtszX1dDQX_OCYD2iw==
Expires: Wed, 10 Jul 2024 11:47:22 GMT

GET
H2 200 afd038c28b604cfab5371be2bed7d258.png
cdn.optimizely.com/img/18132920325/ 155 KB
155 KB 69ms
61ms Image
image/png 2600:1408:c400:38c::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.optimizely.com/img/18132920325/afd038c28b604cfab5371be2bed7d258.png

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:38c::13b8 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4ca87b176413c04d0ec8b4e83b7d0990bf1f2485443c88737f5e496326ecf62b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: CDRMabkov_W2topV0hDZjB1pxA07cXjM
date: Thu, 11 Jul 2024 11:47:22 GMT
strict-transport-security: max-age=15768000
last-modified: Wed, 20 Mar 2024 13:39:01 GMT
server: AmazonS3
x-amz-request-id: 5B1S1MRCSM4Z51QD
etag: "d246a7da16aed7c7f621a53635474da8"
x-amz-server-side-encryption: AES256
content-type: image/png
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, cdn;desc="AkamaiION";dur=0,rtt;desc="57";dur=0,cdnip;desc="2600:1408:c400:38c::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1720698442034_400219279_938962437_470_1693_57_0_146";dur=1
accept-ranges: bytes
content-length: 158397
x-amz-id-2: RfKAMBuIce8TwI0vA06barQunI6/Vj04IBClWXg8O05hFuIM6R41EHxOCQ870XVK+UO/OXMK+d4=

GET
H2 200 notosansjapanese.css
fonts.googleapis.com/earlyaccess/ 3 KB
696 B 188ms
72ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/earlyaccess/notosansjapanese.css

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28b2daaba34cf81a2cfcc1387f8b643970b99217d4bf38d81998f1881728d250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Thu, 11 Jul 2024 11:47:22 GMT

GET
H2 200 forms2-theme-plain.css
info.elastic.co/js/forms2/css/ 828 B
534 B 386ms
44ms Stylesheet
text/css 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.elastic.co/js/forms2/css/forms2-theme-plain.css

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
age: 6396
etag: "ba4696-33c-619b21e0856c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8a188ef09add9ad2-MIA
content-length: 246
expires: Thu, 11 Jul 2024 15:47:22 GMT

GET
H2 200 forms2.css
info.elastic.co/js/forms2/css/ 13 KB
3 KB 383ms
42ms Stylesheet
text/css 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.elastic.co/js/forms2/css/forms2.css

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 20:57:39 GMT
server: cloudflare
age: 6396
etag: "3c1cc1-3437-619b21e0856c0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8a188ef09adc9ad2-MIA
content-length: 2623
expires: Thu, 11 Jul 2024 15:47:22 GMT

GET
H2 200 a18132920325.html
a18132920325.cdn.optimizely.com/client_storage/ Frame BF01 0
0 316ms
85ms Document
text/html 23.33.193.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a18132920325.cdn.optimizely.com/client_storage/a18132920325.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/18132920325.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.33.193.145 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-33-193-145.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.elastic.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: max-age=120
content-encoding: br
content-length: 756
content-type: text/html; charset=utf-8
date: Thu, 11 Jul 2024 11:47:22 GMT
etag: "245be1180d08455924703d8a60dfb016"
last-modified: Thu, 11 Jul 2024 09:53:04 GMT
server: AmazonS3
server-timing: cdn-cache; desc=HIT edge; dur=25 origin; dur=0 cdn;desc="AkamaiION";dur=0,rtt;desc="52";dur=0,cdnip;desc="23.33.193.145";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1720698442205_389047409_1797631787_2518_1042_52_62_255";dur=1
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,2
x-amz-id-2: EceZYnKA18xXsBsE9KziBJerO7yYCPmBl72M1hfL2OFmx+r4TdOphafYo7+jEFq55E9o/S7+mvU=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: 4M0DPEVTYXC2NEKQ
x-amz-server-side-encryption: AES256
x-amz-version-id: NufLHgpySYaNp8qUg8aOzzyWYO4kLoGM

GET
H2 200 icon-code-self-closing.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt96bf0c70d7851e7d/64b6cd8378402d4f9cc28b43/ 2 KB
0 40ms
40ms Image
image/svg+xml 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt96bf0c70d7851e7d/64b6cd8378402d4f9cc28b43/icon-code-self-closing.svg
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: c667ab2f123ed450a52309995bfe1a4dcd6c62dc63fad468db86f621b6afd68c

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:22 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
content-encoding: gzip
fastly-io-served-by: vpop-haf2300712
age: 773584
x-cache: MISS, HIT, HIT
content-disposition: inline; filename=icon-code-self-closing.svg
fastly-stats: io=1
content-length: 1419
x-request-id: 52bf8664aba509ee860ce8216aa666f7
x-served-by: cache-sjc1000101-SJC, cache-bfi-krnt7300097-BFI, cache-mia-kmia1760034-MIA
x-runtime: 74ms
server: contentstack
x-timer: S1720698442.024929,VS0,VE1
x-contentstack-organization: blte0c820e234b5b1e5
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blt96bf0c70d7851e7d.download
accept-ranges: bytes
x-cache-hits: 0, 0, 0

GET
H2 200 InterVariable.woff2
www.elastic.co/static-res/fonts/ 337 KB
338 KB 112ms
109ms Font
font/woff2 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/static-res/fonts/InterVariable.woff2

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/_next/static/css/113994dc6c62e4f0.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

8af7bd5b545567adffb3dfceb5bedb353a522d7bf1b3a2b8af7b6064156babc0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elastic.co/_next/static/css/113994dc6c62e4f0.css
Origin: https://www.elastic.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
strict-transport-security: max-age=0
x-content-type-options: nosniff
date: Thu, 11 Jul 2024 11:47:22 GMT
via: 1.1 varnish, 1.1 varnish
age: 2667
x-dns-prefetch-control: off
x-cache: HIT, MISS
euid: 55fe455e-b2f7-4b6c-9ef4-133b6b1b2412
content-length: 345588
x-xss-protection: 1; mode=block
x-change-language: true
x-served-by: cache-bfi-krnt7300085-BFI, cache-mia-kmia1760076-MIA
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 11 Jul 2024 10:36:17 GMT
server: my-server
x-timer: S1720698442.450274,VS0,VE72
etag: W/"545f4-190a15d7ce8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 5, 0

GET
H2 200 MierB-Demi.woff2
www.elastic.co/static-res/fonts/ 52 KB
53 KB 108ms
105ms Font
font/woff2 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/static-res/fonts/MierB-Demi.woff2

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/_next/static/css/113994dc6c62e4f0.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

130cc310c3284fad385e117c1667e2a5b904457856457ab8cb716bcb087217d1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elastic.co/_next/static/css/113994dc6c62e4f0.css
Origin: https://www.elastic.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
strict-transport-security: max-age=0
x-content-type-options: nosniff
date: Thu, 11 Jul 2024 11:47:22 GMT
via: 1.1 varnish, 1.1 varnish
age: 2666
x-dns-prefetch-control: off
x-cache: HIT, MISS
euid: 55fe455e-b2f7-4b6c-9ef4-133b6b1b2412
content-length: 53616
x-xss-protection: 1; mode=block
x-change-language: true
x-served-by: cache-bfi-krnt7300023-BFI, cache-mia-kmia1760076-MIA
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 11 Jul 2024 10:36:17 GMT
server: my-server
x-timer: S1720698442.450538,VS0,VE72
etag: W/"d170-190a15d7ce8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 29, 0

GET
H2 200 MierB-Regular.woff2
www.elastic.co/static-res/fonts/ 49 KB
49 KB 103ms
100ms Font
font/woff2 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/static-res/fonts/MierB-Regular.woff2

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/_next/static/css/113994dc6c62e4f0.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

a673e2cdc5bd55d86ad373fd3b87892b3f0eb6a9b999d00999f5bfd33bd30b66

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elastic.co/_next/static/css/113994dc6c62e4f0.css
Origin: https://www.elastic.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
strict-transport-security: max-age=0
x-content-type-options: nosniff
date: Thu, 11 Jul 2024 11:47:22 GMT
via: 1.1 varnish, 1.1 varnish
age: 2663
x-dns-prefetch-control: off
x-cache: HIT, MISS
euid: 55fe455e-b2f7-4b6c-9ef4-133b6b1b2412
content-length: 49736
x-xss-protection: 1; mode=block
x-change-language: true
x-served-by: cache-bfi-krnt7300080-BFI, cache-mia-kmia1760076-MIA
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 11 Jul 2024 10:36:17 GMT
server: my-server
x-timer: S1720698442.450518,VS0,VE71
etag: W/"c248-190a15d7ce8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 39, 0

GET
H2 200 MierB-Bold.woff2
www.elastic.co/static-res/fonts/ 52 KB
52 KB 104ms
102ms Font
font/woff2 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/static-res/fonts/MierB-Bold.woff2

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/_next/static/css/113994dc6c62e4f0.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

2365eb8fb2b07c00216a641efcd4177720838e57d8bd97be638f684f2c9f1596

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elastic.co/_next/static/css/113994dc6c62e4f0.css
Origin: https://www.elastic.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
strict-transport-security: max-age=0
x-content-type-options: nosniff
date: Thu, 11 Jul 2024 11:47:22 GMT
via: 1.1 varnish, 1.1 varnish
age: 2663
x-dns-prefetch-control: off
x-cache: HIT, MISS
euid: 55fe455e-b2f7-4b6c-9ef4-133b6b1b2412
content-length: 53196
x-xss-protection: 1; mode=block
x-change-language: true
x-served-by: cache-bfi-krnt7300112-BFI, cache-mia-kmia1760076-MIA
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 11 Jul 2024 10:36:17 GMT
server: my-server
x-timer: S1720698442.450511,VS0,VE72
etag: W/"cfcc-190a15d7ce8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 34, 0

GET
H2 200 404_page Show response
www.elastic.co/content/ 1 KB
1 KB 283ms
283ms Fetch
application/json 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/content/404_page?locale=en

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

dfc55f64887b4aab1062eec4f8aa541bdb6410ca1408778c9422c5daf072bc57

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://www.elastic.co/blog/how-hunt-masquerade-ball'
traceparent: 00-3e86230c5ec94b9c6e404386dda23d97-4cf31a185ba66f6d-01
estc-key: eed7Eiquae4iaqu3zuNioTho
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-content-type-options: nosniff
date: Thu, 11 Jul 2024 11:47:22 GMT
age: 2536
x-dns-prefetch-control: off
x-cache: HIT, MISS
euid: 55fe455e-b2f7-4b6c-9ef4-133b6b1b2412
content-length: 744
x-xss-protection: 1; mode=block
x-change-language: true
x-served-by: cache-bfi-krnt7300035-BFI, cache-mia-kmia1760076-MIA
referrer-policy: strict-origin-when-cross-origin
server: my-server
x-timer: S1720698443.610307,VS0,VE71
etag: W/"52c-vx9zafkNURZvwOnsEHSwp4Ywj5o"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
accept-ranges: bytes
x-cache-hits: 61, 0

GET
H2 200 gdpr-data Show response
www.elastic.co/ 102 B
592 B 361ms
360ms Fetch
application/json 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/gdpr-data

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

cf3d32f0a43e6e04d76d9e3b86cc5f415c1709c999bf21abc50d65e125dedd33

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

traceparent: 00-3e86230c5ec94b9c6e404386dda23d97-a95cb6290744b9f0-01
Referer: https://www.elastic.co/blog/how-hunt-masquerade-ball'
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=0
x-content-type-options: nosniff
date: Thu, 11 Jul 2024 11:47:22 GMT
x-dns-prefetch-control: off
x-cache: MISS
euid: 55fe455e-b2f7-4b6c-9ef4-133b6b1b2412
x-xss-protection: 1; mode=block
x-change-language: true
x-served-by: cache-mia-kmia1760076-MIA
referrer-policy: strict-origin-when-cross-origin
server: my-server
x-timer: S1720698443.612036,VS0,VE331
etag: W/"66-Nr8Wa71cub4LsaPJIL0N90YcfZA"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 iubenda_cs.js Show response
cdn.iubenda.com/cs/ 1 KB
1 KB 257ms
62ms Script
application/javascript 2400:52e0:1a00::1206:2
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cs/iubenda_cs.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1206:2 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1206 /
Resource Hash: 78c6ca08dfdca6848df2980f330e4dd175a45fe8e3986368cd50c34a5da8f1e5

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:22 GMT
content-encoding: br
cdn-edgestorageid: 1067
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
cdn-cachedat: 07/11/2024 11:47:23
cdn-pullzone: 954456
last-modified: Fri, 05 Jul 2024 15:20:16 GMT
server: BunnyCDN-IL1-1206
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "66880f30-263"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: BYPASS
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
cache-control: public, max-age=3600
cdn-requestid: db2d9cf9de6ac24448560a53c92c837f
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
385 B 198ms
48ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Jul 2024 11:47:23 GMT
via: 1.1 google
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.elastic.co
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: e0ded1d3-0abf-4262-8147-b28e91f73ea6

GET
H2 200 core-en.js Show response
cdn.iubenda.com/cookie_solution/iubenda_cs/1.62.0/ 338 KB
67 KB 87ms
86ms Script
application/javascript 2400:52e0:1a00::1206:2
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.62.0/core-en.js
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cs/iubenda_cs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1206:2 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1206 /
Resource Hash: 567a38af30fd593cbfde7c06e6b41d8f14dc5cc84392d793b352d55a12bc3cd8

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Thu, 11 Jul 2024 11:47:22 GMT
content-encoding: br
cdn-edgestorageid: 1068
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
cdn-cachedat: 07/08/2024 11:21:17
cdn-pullzone: 954456
last-modified: Fri, 05 Jul 2024 15:20:16 GMT
server: BunnyCDN-IL1-1206
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "66880f30-107e2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
cache-control: public, must-revalidate, proxy-revalidate, max-age=3600
cdn-requestid: 0cd71824f80ff82f42b70daf8005fbb0
cdn-requestcountrycode: US
cdn-status: 200
expires: Mon, 08 Jul 2024 12:21:17 GMT

GET
H2 200 67332803.js Show response
cs.iubenda.com/cookie-solution/confs/js/ 225 B
794 B 111ms
62ms Script
application/javascript 2400:52e0:1a00::1206:2
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cs.iubenda.com/cookie-solution/confs/js/67332803.js

Requested by

Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.62.0/core-en.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a00::1206:2 Chicago, United States, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-IL1-1206 /

Resource Hash

a8c9129fb9b09f3cd8aa85c160a41ce5710cdb29228652b900cf4ea74c13f8db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Thu, 11 Jul 2024 11:47:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cdn-edgestorageid: 1206
cdn-cachedat: 07/08/2024 17:12:19
cdn-pullzone: 1019485
last-modified: Fri, 10 May 2024 19:33:22 GMT
server: BunnyCDN-IL1-1206
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"663e7682-e1"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
cache-control: public, max-age=3600
access-control-allow-credentials: true
cdn-requestid: 16e659c8b85c784382d83baf1a9c22f2
cdn-requestcountrycode: US
cdn-status: 200
expires: Mon, 08 Jul 2024 18:12:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
95 KB 343ms
342ms Script
application/javascript 2607:f8b0:4004:c21::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7TEQDPTH5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

efc1fa5538d5ca8aaa42621aac2b005f5797e68132c3ebb4bb925f39423f7972

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97437
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jul 2024 11:47:23 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 214 KB
77 KB 340ms
339ms Script
application/javascript 2607:f8b0:4004:c21::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-10713890&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80871f96732c24e4cfb8c658bd18b04196ae432c2de17b4c234436b2e742a162

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78578
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Jul 2024 11:47:23 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 38 KB
14 KB 520ms
58ms Script
application/javascript 2600:1408:c400:2a::17da:da0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:2a::17da:da0e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dbfeb010a0c8acddc38dea97e228787f16ac5e30b4af96b764fa2252fe3827e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Jul 2024 09:18:59 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=77603
accept-ranges: bytes
content-length: 14011

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 486ms
58ms Script
text/javascript 2607:f8b0:4004:c09::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 11 Jul 2024 10:30:02 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4642
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 11 Jul 2024 12:30:02 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 47 KB
14 KB 512ms
60ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a97bc8ec679a82ec782bd76c7302c0ca394c1ad672450f86f87bee5e0ec06b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 11 Jul 2024 11:47:23 GMT
last-modified: Mon, 08 Jul 2024 16:08:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 89A428F35D5E4ACA82E13611802F40B4 Ref B: MIAEDGE1305 Ref C: 2024-07-11T11:47:24Z
etag: "804a6d1951d1da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13828

GET
H3 200 qevents.js Show response
a.quora.com/ 41 KB
15 KB 436ms
44ms Script
text/plain 162.159.152.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.152.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5af5ee0b37b1f0ef31c42932bbf81424e4bb53e95e87a47e058625c1af2245db

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:23 GMT
x-amz-version-id: jrgqQn59BHyNBJEhUqaibHl1Lk06.AzO
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: M04HPBTPY5GDBBF5
age: 7341883
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Tl+NCrT4/ROq8BOB/jXEFbjekr+B/799PB4hsh4cPaz8GcT19YQzaMe+k+f+IJxKpv7tKCeNqoQ=
last-modified: Thu, 28 Mar 2024 17:33:19 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:87b5ecaafd0e88097cbbb1bbb7695fe9
etag: W/"87b5ecaafd0e88097cbbb1bbb7695fe9"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=14400
cf-ray: 8a188efabc797429-MIA
expires: Thu, 11 Jul 2024 15:47:23 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 528ms
57ms Script
application/javascript 146.75.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:24 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2024 20:58:07 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000111-IAD

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 42 KB
13 KB 484ms
32ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 20 Jun 2024 19:23:03 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 12116

GET
H2 200 9541.js Show response
script.crazyegg.com/pages/scripts/0107/ 7 KB
3 KB 507ms
44ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0107/9541.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a65e14e0158e993bda515ad8fae0bd5c2306662710712722b58eed35f0ecd962

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:24 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 17075
cf-polished: origSize=7384
ce-version: 11.5.237
cf-bgj: minify
last-modified: Thu, 11 Jul 2024 07:02:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 8a188efb2baedad1-MIA

GET
H2 200 e8eb94c57118720c.min.js Show response
tag.demandbase.com/ 80 KB
23 KB 532ms
64ms Script
application/javascript 18.160.10.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/e8eb94c57118720c.min.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.10.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-89.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

35df8bc5f2d0bf8011815bd4288312531684e00f5f787319415d8ef9cb3b2644

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: V6cLi_droXeGTMekSGkeYJPtm62DIjzW
content-encoding: gzip
via: 1.1 05133180bbd1649d4b8f97441bf305e8.cloudfront.net (CloudFront)
date: Thu, 11 Jul 2024 11:05:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
age: 2524
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 10 Jul 2024 23:04:55 GMT
server: AmazonS3
etag: W/"4aefd2ae0deda7963761df9b1662cb15"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: kUzYUBUrZhKKqX9O2UQ4HPZBhxNtO6pgWBZBk9Uo0fAlziZkxOM2qg==

GET
H2 200 deployment.js Show response
lift-ai-js.marketlinc.com/elastic.co/ 10 KB
3 KB 583ms
106ms Script
application/javascript 18.160.10.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lift-ai-js.marketlinc.com/elastic.co/deployment.js?975238739
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-69.iad12.r.cloudfront.net
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: 174a3ee5c69f642b208c8e088c759c612edb70bb3dfa8a26d51d819dc2ca3489

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:23 GMT
content-encoding: gzip
via: 1.1 f01dafb3bec9893b47152910d47900a4.cloudfront.net (CloudFront)
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
x-amz-cf-pop: IAD12-P3
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-cache="set-cookie"
content-length: 2569
x-amz-cf-id: nSxlW22wXKbEgyp4CvexDrkz7ftPjiKNW5U5jsQ3oHRaVfivwSgebw==

GET
H2 200 tags.js Show response
tag.clearbitscripts.com/v1/pk_ec27dac96e63040fe28d23ffcf4a8453/ 2 KB
1 KB 600ms
152ms Script
application/javascript 2600:9000:2509:1200:7:d7d6:3c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.clearbitscripts.com/v1/pk_ec27dac96e63040fe28d23ffcf4a8453/tags.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2509:1200:7:d7d6:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Clearbit /

Resource Hash

2aa863a6bdfe901e5d28ce1af309d992ee0c275b5690331ca24430817f387f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
via: 1.1 e7f87e384798b4a94964cbcf8e4db94c.cloudfront.net (CloudFront)
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P2
etag: W/"c00a3ef521a911e9dd48758e96196ba5"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
x-amz-cf-id: u5j9Iq__VYQWjNLnrR1UN62VOLtS_dGtHLwCV5aMuuvsXNdjUHYaGA==

GET
H2 200 forms.js Show response
marketo.clearbit.com/assets/v1/marketo/ 27 KB
9 KB 404ms
154ms Script
application/javascript 3.141.92.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://marketo.clearbit.com/assets/v1/marketo/forms.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.141.92.115 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-141-92-115.us-east-2.compute.amazonaws.com

Software

Clearbit /

Resource Hash

4063e72c353fcac556ca10a2d6d26666e4b486aaefaa1872585b3f9e88b91adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
last-modified: Mon, 03 Jun 2024 21:59:08 GMT
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8

GET
H2 200 risk.js Show response
risk.clearbit.com/v1/ 11 KB
5 KB 387ms
149ms Script
application/javascript 3.141.92.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://risk.clearbit.com/v1/risk.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.141.92.115 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-141-92-115.us-east-2.compute.amazonaws.com

Software

Clearbit /

Resource Hash

d608225c48a0a7ec4d3665991dba4382c292c1c389f469e522600923d47168a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
x-api-version: 2016-05-03
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 223 KB
60 KB 178ms
57ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 11 Jul 2024 11:47:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58653
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=12, mss=1297, tbw=2786, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: EPJvmrFkSx56KrrwhRZu65YpHyHWcXCcalwuiuzRrPBgts6pze+t4/TABrvL4xXTjxIqpToy+6PGBthjTmvqGQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 12 KB
5 KB 256ms
52ms Script
application/x-javascript 13.32.182.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.182.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-182-121.iad66.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 11 Jul 2024 07:21:37 GMT
Content-Encoding: gzip
Via: 1.1 bad10a325a27114250a7d64ce1bcf6ac.cloudfront.net (CloudFront)
Last-Modified: Fri, 07 Jun 2024 09:20:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD66-C2
Age: 15948
x-amz-server-side-encryption: AES256
ETag: W/"a7eb6794e868fe870db350518165c868"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: v2fFXdDGcJescVvTvoey6GACthSmpkq77kjS-XGWGnVBUgcgBl8u8Q==

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=1&add=35414607
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D1%26add%3D35414607

0
1 KB

115ms
114ms

Script
application/javascript

68.67.160.137
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D1%26add%3D35414607

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Server

68.67.160.137 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 11:47:24 GMT
an-x-request-uuid: bdfb84b2-1932-418d-b43c-264259eedb53
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.73; 38.132.118.73; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jul 2024 11:47:24 GMT
an-x-request-uuid: 820ba43d-3850-4c4d-8489-0c48760c4756
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D1%26add%3D35414607
x-proxy-origin: 38.132.118.73; 38.132.118.73; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 235ms
56ms Script
application/x-javascript 23.207.134.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.134.130 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-134-130.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 11 Jul 2024 11:47:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H/1.1 200
OK rtp.js Show response
sjrtp2-cdn.marketo.com/rtp-api/v1/ 0
232 B 286ms
56ms Script
application/x-javascript 23.213.95.227
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sjrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=elasticco

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.213.95.227 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-95-227.deploy.static.akamaitechnologies.com

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Date: Thu, 11 Jul 2024 11:47:24 GMT
Server: Jetty(9.4.45.v20220203)
Connection: keep-alive
Content-Length: 0
Content-Type: application/x-javascript; charset=UTF-8

GET
H2 200 ping.min.js Show response
pixel.byspotify.com/ 22 KB
22 KB 187ms
35ms Script
text/javascript 34.117.162.98
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.byspotify.com/ping.min.js
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.162.98 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 98.162.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:42:30 GMT
via: 1.1 google
age: 294
x-guploader-uploadid: ACJd0No_Byp4oOxQwBDFedNiwPSH0SK6jnk1-UvqlrGEceyDo9XZqn4V8wysMi4MbW2StbFPvkmg3M8_oQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22096
last-modified: Tue, 25 Jun 2024 13:55:33 GMT
server: UploadServer
etag: "4eddeec95afda969b3d1b2fb970c1eb1"
x-goog-generation: 1719323733334567
x-goog-hash: crc32c=NZyeaA==, md5=Tt3uyVr9qWmz0bL7lwwesQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 22096
accept-ranges: bytes
expires: Thu, 11 Jul 2024 12:42:30 GMT

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 190ms
55ms Script
text/javascript 2606:4700:4400::ac40:973c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk.techtarget.com/tracking.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:973c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:24 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
age: 26304
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1200
cf-ray: 8a188efccbb53360-MIA
expires: Thu, 11 Jul 2024 12:07:24 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/5ff74fd61aa34eff83665499b5a912ce/ 43 B
423 B 267ms
58ms Image
image/gif 52.87.92.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/5ff74fd61aa34eff83665499b5a912ce/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.87.92.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-87-92-154.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 11 Jul 2024 11:47:24 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,d0620531cc99588b4ab3f7a5b95c66c0,10.0.0.146,64208,38.132.118.73,,390097848401,1,1720698444.396,0.002,,.,0,0,0.000,0.004,-,0,0,203,267,133,10,26847,,,,,,-,
Content-Type: image/gif

POST
H2 204 write Show response
idb.iubenda.com/ 0
592 B 366ms
171ms XHR
text/plain 2400:52e0:1a00::1207:2
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://idb.iubenda.com/write?db=hits1

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a00::1207:2 Chicago, United States, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-IL1-1207 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Jul 2024 11:47:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cdn-edgestorageid: 1207
x-influxdb-build: OSS
x-influxdb-version: v2.7.5
cdn-cachedat: 07/11/2024 11:47:24
cdn-pullzone: 967785
server: BunnyCDN-IL1-1207
cdn-proxyver: 1.04
cdn-requestpullcode: 204
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
cache-control: public, max-age=0
access-control-allow-credentials: true
cdn-requestid: 05935d453bf63e63c3511fce3e56002c
cdn-requestcountrycode: US
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cdn-requestpullsuccess: True

POST
H2 204 collect Show response
analytics.google.com/g/ 0
253 B 191ms
64ms Fetch
text/plain 2607:f8b0:4004:c21::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Q7TEQDPTH5&gtm=45je4790v884236656z8865912973za200zb865912973&_p=1720698441080&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1728627483.1720698444&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAACA&_s=1&uid=55fe455e-b2f7-4b6c-9ef4-133b6b1b2412&sid=1720698443&sct=1&seg=0&dl=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&dt=Free%20and%20Open%20Search%3A%20The%20Creators%20of%20Elasticsearch%2C%20ELK%20%26%20Kibana%20%7C%20Elastic&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_template=%2F404&ep.canonical_tag=https%3A%2F%2Fwww.elastic.co&ep.eu_id=55fe455e-b2f7-4b6c-9ef4-133b6b1b2412&ep.user_agent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&ep.team=blog&ep.page_category_dl=blog&ep.page_sub_category_dl=&ep.page_clean=www.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&ep.page_author=&ep.page_category=&ep.page_keywords=&ep.page_date_published=&ep.page_date_modified=&ep.utm_source_qparam=&ep.utm_medium_qparam=&tfd=3521&_z=fetch
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c21::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 11:47:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elastic.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 64ms
63ms Ping
text/plain 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Q7TEQDPTH5&cid=1728627483.1720698444&gtm=45je4790v884236656z8865912973za200zb865912973&aip=1&uid=55fe455e-b2f7-4b6c-9ef4-133b6b1b2412&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q7TEQDPTH5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 11:47:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elastic.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
74 B 47ms
43ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Jul 2024 11:47:24 GMT
via: 1.1 google
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.elastic.co
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id: 9f2f83b3-f217-4473-bf4d-8a44a7bfa7d6

GET
H2

200

activityi;dc_pre=CM6EqJz1nocDFd7EwgQd030J6w;src=10713890;type=conve0;cat=uniqu0;ord=1;num=657006994795;npa=0;auiddc=612413751.1720698444;ps=1;pcor=1525720376;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=...
10713890.fls.doubleclick.net/ Frame F214
Redirect Chain

https://10713890.fls.doubleclick.net/activityi;src=10713890;type=conve0;cat=uniqu0;ord=1;num=657006994795;npa=0;auiddc=612413751.1720698444;ps=1;pcor=1525720376;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;ua...
https://10713890.fls.doubleclick.net/activityi;dc_pre=CM6EqJz1nocDFd7EwgQd030J6w;src=10713890;type=conve0;cat=uniqu0;ord=1;num=657006994795;npa=0;auiddc=612413751.1720698444;ps=1;pcor=1525720376;ua...

0
0

121ms
119ms

Document
text/html

172.253.63.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10713890.fls.doubleclick.net/activityi;dc_pre=CM6EqJz1nocDFd7EwgQd030J6w;src=10713890;type=conve0;cat=uniqu0;ord=1;num=657006994795;npa=0;auiddc=612413751.1720698444;ps=1;pcor=1525720376;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9181781261z8865912973za201zb865912973;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball'?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10713890&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f149.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elastic.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 363
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jul 2024 11:47:24 GMT
expires: Thu, 11 Jul 2024 11:47:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jul 2024 11:47:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10713890.fls.doubleclick.net/activityi;dc_pre=CM6EqJz1nocDFd7EwgQd030J6w;src=10713890;type=conve0;cat=uniqu0;ord=1;num=657006994795;npa=0;auiddc=612413751.1720698444;ps=1;pcor=1525720376;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9181781261z8865912973za201zb865912973;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball'?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=10713890;type=conve0;cat=uniqu0;ord=1;num=657006994795;npa=0;auiddc=612413751.1720698444;ps=1;pcor=1525720376;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=...
ad.doubleclick.net/ 0
23 B 187ms
113ms Image
image/png 142.251.179.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=10713890;type=conve0;cat=uniqu0;ord=1;num=657006994795;npa=0;auiddc=612413751.1720698444;ps=1;pcor=1525720376;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9181781261z8865912973za201zb865912973;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball'?

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.148 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f148.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 11:47:24 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"9806871422449809772"}],"aggregatable_trigger_data":[{"filters":[{"14":["10909904"]}],"key_piece":"0x6c645930dbdf9900","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x511800c4b72b37b","not_filters":{"14":["10909904"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"1402222313324513218","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"9806871422449809772","filters":[{"14":["10909904"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"9806871422449809772","filters":[{"14":["10909904"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"9806871422449809772","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"9806871422449809772","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10713890"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config Show response
pixel-config.reddit.com/pixels/a2_dzxpwixmjt9l/ 3 B
124 B 165ms
31ms XHR
application/json 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-config.reddit.com/pixels/a2_dzxpwixmjt9l/config
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:24 GMT
content-encoding: gzip
via: 1.1 varnish
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 27

GET
H2 200 a2_dzxpwixmjt9l_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
699 B 98ms
35ms XHR
application/json 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_dzxpwixmjt9l_telemetry
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:24 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 97

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 107ms
30ms Image
image/gif 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1720698444104&id=a2_dzxpwixmjt9l&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=28642f44-7223-49a3-867d-9101f21f7cc5&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:24 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 www.elastic.co.json Show response
script.crazyegg.com/pages/data-scripts/0107/9541/site/ Frame 7BE1 48 KB
5 KB 108ms
44ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0107/9541/site/www.elastic.co.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0107/9541.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31eefa21668c2a29ce5fe86bc62d60c3820650b5901a55db27d6825511848a97

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:24 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 17074
ce-version: 11.5.237
content-length: 4745
last-modified: Thu, 11 Jul 2024 07:02:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a188efc4ff1746b-MIA

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
761 B 203ms
81ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=25986&time=1720698444134&url=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:24 GMT
content-encoding: gzip
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 43CAB12E60CB45A0B9E7DE056B7EA1BC Ref B: MIAEDGE2915 Ref C: 2024-07-11T11:47:24Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lva1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYc91OJmaVx/ql14ELM6A==
x-fs-uuid: 00061cf7538999a571fea975e042cce8

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=25986&time=1720698444134&url=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=25986&time=1720698444134&url=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D25986%26time%3D1720698444134%26url%3Dhttps%253A%252F%252Fwww.elastic.co%252Fblog%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=25986&time=1720698444134&url=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=25986&time=1720698444134&url=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&cookiesTest=true&liSync=true&e_ipv6=AQIFzn4jgw6Bow...

0
488 B

500ms
401ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=25986&time=1720698444134&url=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&cookiesTest=true&liSync=true&e_ipv6=AQIFzn4jgw6BowAAAZChnp4WxpmMmSPhfjfbLEa5gi8lhh9kpl-WMyvGUXnm3jzE4XOItw
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:24 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A29870D4736747F1BD31F2ECB8DE6BA7 Ref B: MIA301000101049 Ref C: 2024-07-11T11:47:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYc91OcRfC4gjWcoBAspQ==

Redirect headers

date: Thu, 11 Jul 2024 11:47:24 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 49F54D7FA4C34D4BA7245D9D22AA0ACA Ref B: MIAEDGE2706 Ref C: 2024-07-11T11:47:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=25986&time=1720698444134&url=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&cookiesTest=true&liSync=true&e_ipv6=AQIFzn4jgw6BowAAAZChnp4WxpmMmSPhfjfbLEa5gi8lhh9kpl-WMyvGUXnm3jzE4XOItw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYc91OZbSASjX1NDlGSPg==

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
565 B 200ms
82ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Jul 2024 11:47:23 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: AE59CDED42F543BD860A21B2AEC69BBB Ref B: MIAEDGE2706 Ref C: 2024-07-11T11:47:24Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://www.elastic.co
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYc91OJmxPpJjGyYGevzw==

GET
H2 204 5425009.js Show response
bat.bing.com/p/action/ 0
117 B 58ms
54ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5425009.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 11 Jul 2024 11:47:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C7C6AC0BA96E44EB941C3D2DC6CF3DF3 Ref B: MIAEDGE1305 Ref C: 2024-07-11T11:47:24Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
360 B 125ms
121ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5425009&tm=gtm002&Ver=2&mid=34eece63-b8ff-49f8-8560-0b092415f508&sid=56cc0f503f7b11efaef5c54b9dd91983&vid=56cc5d503f7b11ef87c4794fb59af958&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Free%20and%20Open%20Search%3A%20The%20Creators%20of%20Elasticsearch,%20ELK%20%26%20Kibana%20%7C%20Elastic&p=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&r=&lt=2100&evt=pageLoad&sv=1&cdb=AQAA&rn=730325

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 11 Jul 2024 11:47:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B3AC8111298344E09D336EC2C25A66AC Ref B: MIAEDGE1305 Ref C: 2024-07-11T11:47:24Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
376 B 558ms
442ms Image
image/gif 72.21.81.130
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=db248b3e-fe44-43ff-9c36-dd15842b57ea&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=40666743-3f7e-4adb-95e5-c0465ca501a0&tw_document_href=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&tw_iframe_status=0&txn_id=o50k2&type=javascript&version=2.3.30

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.21.81.130 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 69
date: Thu, 11 Jul 2024 11:47:23 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 70756053fcd9fa22
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 82b481e6cf29ae3abea2c08f42c8446c57d3dc8d9b9e79ab217ec77130b50f40
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
724 B 199ms
48ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=db248b3e-fe44-43ff-9c36-dd15842b57ea&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=40666743-3f7e-4adb-95e5-c0465ca501a0&tw_document_href=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&tw_iframe_status=0&txn_id=o50k2&type=javascript&version=2.3.30

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 6
date: Thu, 11 Jul 2024 11:47:24 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: d5af3f866daf31bb
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: aaa422364cd4bb3d4723601028fec60c0832961944970190642765ab475a38cc
content-length: 43

GET
H2 200 sync
s.company-target.com/s/ Frame 882C 0
0 189ms
57ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/e8eb94c57118720c.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://www.elastic.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Thu, 11 Jul 2024 11:47:24 GMT
via: 1.1 google

GET
H/1.1

200
OK

log
segments.company-target.com/
Redirect Chain

https://id.rlcdn.com/464526.gif
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCMyMv7QGEgUI6AcQAEIASgA
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297DRr05b8hZrnfuaaCYckCKRZWplzVua-85JD_Ll48knM

26 B
348 B

197ms
58ms

Image
image/gif

99.84.191.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297DRr05b8hZrnfuaaCYckCKRZWplzVua-85JD_Ll48knM
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: HTTP/1.1
Server: 99.84.191.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-191-94.iad89.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 11 Jul 2024 11:47:25 GMT
Via: 1.1 6c2e384f59feb64a0c739aee7f890066.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: IAD89-C2
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 26
X-Amz-Cf-Id: s8aBgMuUd65r4xNE3rNrxJ9POf7tOmigGB2ZtfconMtS5GjwF7MOfw==

Redirect headers

date: Thu, 11 Jul 2024 11:47:25 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297DRr05b8hZrnfuaaCYckCKRZWplzVua-85JD_Ll48knM
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
207 B 77ms
75ms XHR
text/plain 2607:f8b0:4004:c09::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1282211031&t=pageview&_s=1&dl=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&ul=en-us&de=UTF-8&dt=Free%20and%20Open%20Search%3A%20The%20Creators%20of%20Elasticsearch%2C%20ELK%20%26%20Kibana%20%7C%20Elastic&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiAABBAAAAC~&jid=1556571604&gjid=43017688&cid=1728627483.1720698444&tid=UA-12395217-10&_gid=1958935926.1720698444&_slc=1&gtm=45He4790n81KNJMG2Mv865912973za200&cd18=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1228186249

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 11:47:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elastic.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
345 B 190ms
64ms XHR
text/plain 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-12395217-10&cid=1728627483.1720698444&jid=1556571604&gjid=43017688&_gid=1958935926.1720698444&_u=YCDAiAABBAAAAG~&z=810116572

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 11 Jul 2024 11:47:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elastic.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 snippet.js Show response
lift-ai-js.marketlinc.com/elastic.co/ 25 KB
7 KB 95ms
94ms Script
application/javascript 18.160.10.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lift-ai-js.marketlinc.com/elastic.co/snippet.js?viewId=62108688
Requested by: Host: lift-ai-js.marketlinc.com
URL: https://lift-ai-js.marketlinc.com/elastic.co/deployment.js?975238739
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-69.iad12.r.cloudfront.net
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: 17895ea4d52e8d4e08d16493327cb8117b670f7ea22ecb337871e9e9d1565682

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:23 GMT
content-encoding: gzip
via: 1.1 f01dafb3bec9893b47152910d47900a4.cloudfront.net (CloudFront)
server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
x-amz-cf-pop: IAD12-P3
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-cache="set-cookie"
content-length: 6666
x-amz-cf-id: tqY3p0JATvxVp_F8EMtdU4b2c7Gu7pRPT5ogThSE5yw9yDKwZPpvgA==

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 4 KB
1 KB 252ms
98ms XHR
application/json 13.249.39.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&page_title=Free%20and%20Open%20Search%3A%20The%20Creators%20of%20Elasticsearch%2C%20ELK%20%26%20Kibana%20%7C%20Elastic
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.39.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-39-46.iad89.r.cloudfront.net
Software: nginx /
Resource Hash: ea33ed1e08bebba48438484f21e2c4d0961f1df4b2fa2f6053b1a788156fc1b4

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Jul 2024 11:47:24 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 b5e757a7da6f6fe6261f56a8a9646880.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C1
x-cache: Miss from cloudfront
request-id: 8b883a63-7d6e-4e30-be35-a177181586d7
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.elastic.co
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uZ1l1guVtG3jWGvoq3OC8cmAlf9cf4Vb8_rBSPqn4n7NJhe6OUYs9Q==
expires: Wed, 10 Jul 2024 11:47:24 GMT

GET
H2 200 destinations.min.js Show response
x.clearbitjs.com/v2/pk_ec27dac96e63040fe28d23ffcf4a8453/ 4 KB
2 KB 763ms
248ms Script
application/javascript 3.132.116.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_ec27dac96e63040fe28d23ffcf4a8453/destinations.min.js

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_ec27dac96e63040fe28d23ffcf4a8453/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.132.116.56 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-132-116-56.us-east-2.compute.amazonaws.com

Software

Clearbit /

Resource Hash

f447981ed1b34305eff4623b1e4338434e3b05fd5217b04adc5620b8576873a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600

GET
H2 200 tracking.min.js Show response
x.clearbitjs.com/v2/pk_ec27dac96e63040fe28d23ffcf4a8453/ 168 KB
45 KB 645ms
176ms Script
application/javascript 3.132.116.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_ec27dac96e63040fe28d23ffcf4a8453/tracking.min.js

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_ec27dac96e63040fe28d23ffcf4a8453/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.132.116.56 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-132-116-56.us-east-2.compute.amazonaws.com

Software

Clearbit /

Resource Hash

980f5af0c090f1950fea315c753978e282e00ed7fc548e787cd01dcf574c3d77

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600

GET
H2 200 1cb0fe96622d360e640b6ca18b5ba2ec.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 101 KB
34 KB 53ms
51ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/1cb0fe96622d360e640b6ca18b5ba2ec.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0107/9541.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 747b3bdf8958ba6ea546f95ee4255f40cdb156a5e61cb7c0b4324f77181c7991

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:24 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 30 Jun 2024 16:56:32 GMT
server: cloudflare
age: 61052
cf-polished: origSize=103828
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 8a188efcbcb4dad1-MIA

GET
H2 200 clock Show response
tracking.crazyegg.com/ Frame 7BE1 39 B
146 B 613ms
84ms XHR
text/plain 18.223.53.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1720698444360&tk=a975a01f865cdfd30f4346c55e628d6f
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1cb0fe96622d360e640b6ca18b5ba2ec.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.223.53.13 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-223-53-13.us-east-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 5c6b16e6d15763c028488e00ac3df87f558a420aa3626ba7cc099f26d7de53e3

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Jul 2024 11:47:24 GMT
cache-control: no-store
server: awselb/2.0
content-length: 39
content-type: text/plain

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ Frame 7BE1 19 B
463 B 523ms
356ms XHR
application/json 18.165.98.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1cb0fe96622d360e640b6ca18b5ba2ec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.98.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-98-69.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 01:50:31 GMT
via: 1.1 3aec3b44fb976422e513a356ccd76eb8.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4
age: 16365414
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: DDg117Rv4FMpNDJ7-q6Lu2Zzeu7M7BY2xOhFUzpHaRpqEWDzfwMWQQ==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ Frame 7BE1 19 B
461 B 522ms
354ms XHR
application/json 18.165.83.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1cb0fe96622d360e640b6ca18b5ba2ec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.83.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-79.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 04 Jun 2024 01:29:28 GMT
via: 1.1 44dd03c6d93a5b4e66aa5cea227acbb2.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 3233877
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: c4XB0m20ugbogtiqY5JdFhv4SMbujxL0Zeqs6qd0jOQgiNfA5RW0Ow==

GET
H2 200 www.elastic.co.json Show response
script.crazyegg.com/pages/data-scripts/0107/9541/sampling/ Frame 7BE1 152 B
206 B 38ms
37ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0107/9541/sampling/www.elastic.co.json?t=477971
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/1cb0fe96622d360e640b6ca18b5ba2ec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20c03e8fa77116848a56939868a3cc247bd744c0516a027a2b438176d873f6c0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:24 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 17074
ce-version: 11.5.237
content-length: 142
last-modified: Thu, 11 Jul 2024 07:02:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a188efd68c4746b-MIA

GET
BLOB 200
OK 71115831-36d6-4a23-acc4-4a5ec5863624
https://www.elastic.co/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.elastic.co/71115831-36d6-4a23-acc4-4a5ec5863624
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8f74416e7bc7051dbd2c0b2dec8cdb9a5ba4b36f88ba1b65c3e7dd7447b4090

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

POST
H2 200 ingest Show response
pixels.spotify.com/v1/ 52 B
271 B 55ms
47ms Fetch
application/json 2600:1901:1:7c5::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pixels.spotify.com/v1/ingest

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:7c5:: , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

envoy /

Resource Hash

e15377387c329960f9746b4232e4c0f49083c411ac5ba9d51ac3cb45f0648f36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 Jul 2024 11:47:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
grpc-status: 0
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
grpc-encoding: identity
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.elastic.co
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
grpc-accept-encoding: gzip,x-snappy-framed

OPTIONS
H2 200 ingest
pixels.spotify.com/v1/ Frame 0
0 489ms
352ms Preflight 2600:1901:1:7c5::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.spotify.com/v1/ingest
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:1:7c5:: , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.elastic.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: https://www.elastic.co
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 11 Jul 2024 11:47:24 GMT
server: envoy
vary: Accept-Encoding
via: HTTP/2 edgeproxy, 1.1 google

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 53ms
52ms Script
application/x-javascript 23.207.134.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.134.130 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-134-130.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 11 Jul 2024 11:47:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Sat, 19 Oct 2024 11:47:24 GMT

POST
H/1.1 200 visitor-scoring Show response
visitor-scoring-c.marketlinc.com/ 188 B
866 B 114ms
112ms XHR
application/json 54.152.178.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor-scoring-c.marketlinc.com/visitor-scoring
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.178.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-178-255.compute-1.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash: af089469006746453ec063320ede74373e76ad5e02979772f2deac10c838f6bd

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 11 Jul 2024 11:47:24 GMT
Content-Encoding: gzip
Server: Apache/2.4.59 () OpenSSL/1.0.2k-fips
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 173
Expires: -1

OPTIONS
H/1.1 200 visitor-scoring
visitor-scoring-c.marketlinc.com/ Frame 0
0 665ms
56ms Preflight 54.152.178.255
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor-scoring-c.marketlinc.com/visitor-scoring
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.178.255 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-178-255.compute-1.amazonaws.com
Software: Apache/2.4.59 () OpenSSL/1.0.2k-fips /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.elastic.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Cache-control: no-cache="set-cookie"
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 0
Date: Thu, 11 Jul 2024 11:47:24 GMT
Server: Apache/2.4.59 () OpenSSL/1.0.2k-fips

GET
H2 200 1636465863246433 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 59ms
58ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1636465863246433?v=2.9.161&r=stable&domain=www.elastic.co&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a6fafbca04f85f5ebcb92b38a5f1445300af196e8aa97803a0569838730f290

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 11 Jul 2024 11:47:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12461
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=58, rtx=0, c=64, mss=1297, tbw=64148, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: bM8PYg4jOQD1+iZj6k9kYub+ydKKcskuIFspHpvdBIvy1g+TpSxqcvs4c+QwcOOOmP3mS7n+2sQlz0GwnKuIWw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET gif.gif
ibc-flow.techtarget.com/a/ 0
0

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 512ms
68ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=16579567&r=1720698444447&ref=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://www.elastic.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 11 Jul 2024 11:47:24 GMT
expires: Thu, 11 Jul 2024 11:47:24 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ACJd0No_AwvjDNhWzHd4h2LsG_tc4qFHNvUMBvqNcCZAWnUSl6j3J6d7oZr8MhspYYCbc-wUot0

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 270 KB
93 KB 69ms
68ms Script
application/javascript 173.194.66.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-985891458&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.66.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

33cd5a1523bf99745a7646c46bff9220ec04a60a61b0259ddbabbcea6549c4ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95071
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Jul 2024 11:47:25 GMT

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
400 B 198ms
73ms XHR
text/html 2600:9000:2009:2c00:1d:8d6d:3b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=uZ1l1guVtG3jWGvoq3OC8cmAlf9cf4Vb8_rBSPqn4n7NJhe6OUYs9Q==&api-version=v2
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2009:2c00:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 07:58:12 GMT
x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
via: 1.1 4abbc8dea2f611b4eb50afc252d13326.cloudfront.net (CloudFront)
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
server: AmazonS3
x-amz-cf-pop: IAD66-C2
age: 13754
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 2e4eySmuYNhYD3SDUAqFfHAAWlsXkqm9bJp8n-aVoxOeSLGkdYV4yQ==

GET
BLOB 200
OK 66e6fe79-8845-412d-88c7-aefd2c9dc881
https://www.elastic.co/ 241 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.elastic.co/66e6fe79-8845-412d-88c7-aefd2c9dc881
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 024e41c582154068167df60396174022322fae5b74c245e2085f1c57f5bb60aa

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 241
Content-Type: text/javascript

POST
H/1.1 200
OK visitWebPage
813-mam-392.mktoresp.com/webevents/ 2 B
482 B 990ms
138ms Ping
text/plain 134.213.193.62
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://813-mam-392.mktoresp.com/webevents/visitWebPage?_mchNc=1720698445303&_mchCn=&_mchId=813-MAM-392&_mchTk=_mch-elastic.co-1720698445302-15638&_mchHo=www.elastic.co&_mchPo=&_mchRu=%2Fblog%2Fhow-hunt-masquerade-ball%27&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.193.62 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 11 Jul 2024 11:47:26 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: f20625d3-4294-4968-b83f-d68cfaf36991

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 176ms
57ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1636465863246433&ev=PageView&dl=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&rl=&if=false&ts=1720698445335&cd[referrer]=&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720698445318.400859447662308200&ler=empty&cdl=API_unavailable&it=1720698444425&coo=false&rqm=GET

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1297, tbw=2835, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 11 Jul 2024 11:47:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 542ms
424ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1636465863246433&ev=PageView&dl=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&rl=&if=false&ts=1720698445335&cd[referrer]=&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720698445318.400859447662308200&ler=empty&cdl=API_unavailable&it=1720698444425&coo=false&rqm=FGET

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x915c5bd2c9b2a089","source_keys":["1","2"]},{"key_piece":"0x5971b814e0083020","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 11 Jul 2024 11:47:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7390343548017024044", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=14, mss=1297, tbw=3149, tp=-1, tpl=-1, uplat=90, ullat=0
pragma: no-cache
x-fb-debug: 7ytgGLF+P6dRqL2IFtgzYBf5neWIpzATB8/AbOIT1uVxMXI66Anx70BEyPVoHZWA91xY8LsNTRRPkdj5FClnVw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7390343548017024044"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 p Show response
app.clearbit.com/v1/ 16 B
1 KB 709ms
166ms XHR
application/json 3.132.116.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clearbit.com/v1/p

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.132.116.56 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-132-116-56.us-east-2.compute.amazonaws.com

Software

Clearbit /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Jul 2024 11:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, Origin
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.elastic.co
access-control-expose-headers
content-security-policy-report-only: default-src 'self'; script-src 'unsafe-inline' 'report-sample' 'self' https://browser.sentry-cdn.com https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js https://cdn.clearbit.com https://cdn.segment.com/analytics.js/v1/auzWlbWIBrAsKnGQIiT0X3IjfZyepgW5/analytics.min.js https://checkout.stripe.com https://connect.facebook.net https://edge.fullstory.com/s/fs.js https://fast.appcues.com https://www.google-analytics.com/analytics.js https://x.clearbitjs.com https://cdn.clearbit.com https://*.commandbar.com; style-src 'unsafe-inline' 'report-sample' 'self' https://cdn.clearbit.com https://*.commandbar.com https://fast.appcues.com https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.amplitude.com https://*.commandbar.com https://api.segment.io https://checkout.stripe.com https://rs.fullstory.com https://www.google-analytics.com wss://api.appcues.net https://stats.g.doubleclick.net https://sentry.io https://logo.clearbit.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*.commandbar.com https://checkout.stripe.com; img-src 'self' https://*.commandbar.com https://*.stripe.com data: https://cdn.clearbit.com https://images.ctfassets.net https://logo.clearbit.com https://www.facebook.com https://connect.facebook.net https://www.google.com https://unpkg.com/react-flag-kit https://cloudfront.net/v1/avatars https://*.googleusercontent.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
access-control-allow-credentials: true
content-type: application/json

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/985891458/ 3 KB
2 KB 480ms
74ms Script
text/javascript 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/985891458/?random=1720698445464&cv=11&fst=1720698445464&bg=ffffff&guid=ON&async=1&gtm=45be4790v895104880z8865912973za201zb865912973&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&hn=www.googleadservices.com&frm=0&tiba=Free%20and%20Open%20Search%3A%20The%20Creators%20of%20Elasticsearch%2C%20ELK%20%26%20Kibana%20%7C%20Elastic&ga_uid=G-Q7TEQDPTH5.55fe455e-b2f7-4b6c-9ef4-133b6b1b2412&npa=0&pscdl=noapi&auid=612413751.1720698444&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=dmb_audience%3DEnterprise%20Business%3Bdmb_country%3DUS%3Bdmb_demandbase_sid%3D1714298%3Bdmb_employee_range%3DEnterprise%3Bdmb_indutry%3DHealthcare%20%26%20Medical%3Bdmb_revenue_range%3DOver%20%245B%3Bdmb_sub_industry%3DFacilities%3Bdmb_web_site%3Dprovidence.org&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-985891458&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

32edbe83f61127fb12a470de232d0c44cd860c0b01e12446b5192980cf9915d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 11:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1624
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/985891458/ 42 B
64 B 307ms
68ms Image
image/gif 64.233.180.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/985891458/?random=1720698445464&cv=11&fst=1720695600000&bg=ffffff&guid=ON&async=1&gtm=45be4790v895104880z8865912973za201zb865912973&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&hn=www.googleadservices.com&frm=0&tiba=Free%20and%20Open%20Search%3A%20The%20Creators%20of%20Elasticsearch%2C%20ELK%20%26%20Kibana%20%7C%20Elastic&ga_uid=G-Q7TEQDPTH5.55fe455e-b2f7-4b6c-9ef4-133b6b1b2412&npa=0&pscdl=noapi&auid=612413751.1720698444&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=dmb_audience%3DEnterprise%20Business%3Bdmb_country%3DUS%3Bdmb_demandbase_sid%3D1714298%3Bdmb_employee_range%3DEnterprise%3Bdmb_indutry%3DHealthcare%20%26%20Medical%3Bdmb_revenue_range%3DOver%20%245B%3Bdmb_sub_industry%3DFacilities%3Bdmb_web_site%3Dprovidence.org&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDaQooLu4Cl-duEgWCtrzj7j4RxZ5aE7SJ39AjhPza6neyiMzvl1Csc&random=2447788781&rmt_tld=0&ipr=y

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.180.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

on-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 11:47:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 fingerprint Show response
risk.clearbit.com/v1/ 0
208 B 161ms
159ms XHR
text/html 3.132.116.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://risk.clearbit.com/v1/fingerprint

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.132.116.56 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-132-116-56.us-east-2.compute.amazonaws.com

Software

Clearbit /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Jul 2024 11:47:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
x-api-version: 2016-05-03
access-control-max-age: 1728000
access-control-allow-methods: POST, OPTIONS
content-type: text/html;charset=utf-8
access-control-allow-origin: https://www.elastic.co
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
access-control-allow-credentials: true
access-control-allow-headers: *, Content-Type, Accept, AUTHORIZATION, Cache-Control
content-length: 0

GET
H2

200

/
match.adsrvr.org/track/upb/ Frame 5F00
Redirect Chain

https://insight.adsrvr.org/track/up?adv=bciceyi&ref=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&upid=46vcaz5&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=bciceyi&ref=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&upid=46vcaz5&upv=1.1.0

0
0

78ms
56ms

Document
text/html

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=bciceyi&ref=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&upid=46vcaz5&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://www.elastic.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 11 Jul 2024 11:47:26 GMT
server: Kestrel
vary: Accept-Encoding

Redirect headers

content-length: 331
date: Thu, 11 Jul 2024 11:47:26 GMT
location: https://match.adsrvr.org/track/upb/?adv=bciceyi&ref=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&upid=46vcaz5&upv=1.1.0
server: Kestrel

GET
H2 200 favicon.ico
www.elastic.co/ 9 KB
2 KB 108ms
107ms Other
image/x-icon 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

0cb99a895bcceec7ecb212662ae4f7cf0f5f524523359a8e863932d9ee73d17a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elastic.co/blog/how-hunt-masquerade-ball'
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 varnish, 1.1 varnish
date: Thu, 11 Jul 2024 11:47:26 GMT
age: 2668
x-dns-prefetch-control: off
x-cache: HIT, MISS
euid: 55fe455e-b2f7-4b6c-9ef4-133b6b1b2412
content-length: 1410
x-xss-protection: 1; mode=block
x-change-language: true
x-served-by: cache-bfi-krnt7300070-BFI, cache-mia-kmia1760076-MIA
server: my-server
x-timer: S1720698446.341645,VS0,VE71
etag: "25be-AAGiIm+9qeafTyH2/IqTiJHOpik"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 12, 0

GET
H2 200 favicon.ico
www.elastic.co/ 9 KB
0 1ms
1ms Other
image/x-icon 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

0cb99a895bcceec7ecb212662ae4f7cf0f5f524523359a8e863932d9ee73d17a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elastic.co/blog/how-hunt-masquerade-ball'
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 11 Jul 2024 11:47:26 GMT
via: 1.1 varnish, 1.1 varnish
age: 2668
x-dns-prefetch-control: off
x-cache: HIT, MISS
euid: 55fe455e-b2f7-4b6c-9ef4-133b6b1b2412
content-length: 1410
x-xss-protection: 1; mode=block
x-change-language: true
x-served-by: cache-bfi-krnt7300070-BFI, cache-mia-kmia1760076-MIA
server: my-server
x-timer: S1720698446.341645,VS0,VE71
etag: "25be-AAGiIm+9qeafTyH2/IqTiJHOpik"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 12, 0

GET
H2 200 favicon-32x32.png
www.elastic.co/ 1 KB
2 KB 101ms
100ms Other
image/png 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/favicon-32x32.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

d0e3b2d5f0bf63e6a572eb1ca0e71c41235155674b23b699d41396d02af1e66d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elastic.co/blog/how-hunt-masquerade-ball'
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
strict-transport-security: max-age=0
x-content-type-options: nosniff
date: Thu, 11 Jul 2024 11:47:26 GMT
via: 1.1 varnish, 1.1 varnish
age: 2670
x-dns-prefetch-control: off
x-cache: HIT, MISS
euid: 55fe455e-b2f7-4b6c-9ef4-133b6b1b2412
content-length: 1294
x-xss-protection: 1; mode=block
x-change-language: true
x-served-by: cache-bfi-kbfi7400086-BFI, cache-mia-kmia1760076-MIA
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 11 Jul 2024 10:37:12 GMT
server: my-server
x-timer: S1720698447.511532,VS0,VE69
etag: W/"50e-190a15e53c0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 11, 0

POST
H2 202 events Show response
apm-proxy.app.elstc.co/intake/v2/rum/ 0
284 B 138ms
130ms Fetch 35.188.12.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apm-proxy.app.elstc.co/intake/v2/rum/events

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.188.12.98 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

98.12.188.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Content-Encoding: gzip
Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-ndjson

Response headers

date: Thu, 11 Jul 2024 11:47:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-found-handling-instance: instance-0000000056
x-found-handling-cluster: 3ddd1ee09cc242c4b169d36f5a2b8b77
vary: Accept-Encoding,Origin
access-control-allow-origin: https://www.elastic.co
x-cloud-request-id: jlCpavl-QhOz5puR-Vtfuw
content-length: 0

OPTIONS
H2 200 events
apm-proxy.app.elstc.co/intake/v2/rum/ Frame 0
0 988ms
344ms Preflight 35.188.12.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apm-proxy.app.elstc.co/intake/v2/rum/events

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.188.12.98 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

98.12.188.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type
Access-Control-Request-Method: POST
Origin: https://www.elastic.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Content-Encoding, Accept
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://www.elastic.co
access-control-expose-headers: Etag
access-control-max-age: 3600
content-length: 0
date: Thu, 11 Jul 2024 11:47:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Accept-Encoding,Origin
x-cloud-request-id: 27dK7M0RReSOHs0dyvjWtw
x-content-type-options: nosniff
x-found-handling-cluster: 3ddd1ee09cc242c4b169d36f5a2b8b77
x-found-handling-instance: instance-0000000056

GET
H2 200 c3ugtv46u366.js Show response
js.driftt.com/include/1720698600000/ 221 KB
62 KB 516ms
96ms Script
application/javascript 18.160.18.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1720698600000/c3ugtv46u366.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/blog/how-hunt-masquerade-ball'

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.18.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-18-68.iad12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

01bd6a76b1c046ae954b43977c216bad4c92fc8a3fbe05c281c486386ea786cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: P5fII4ZkmrdaOHSb00FU11FHCn31e0a1
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Thu, 11 Jul 2024 11:47:29 GMT
via: 1.1 383ad280f1e2a4497aecb7ee8d8e9144.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 42
last-modified: Mon, 01 Jul 2024 21:14:33 GMT
server: istio-envoy
etag: W/"42e8c62425e7c181d4b2d105b3f2830b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LCxb48kZ9unQQ7mu18u2Jd2_8FzzOaZqGTmJQWxm-PmvMHg5Ps6XEw==

GET
H2 200 core
js.driftt.com/ Frame FA18 0
0 435ms
317ms Document
text/html 18.160.18.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=c3ugtv46u366&eId=c3ugtv46u366&region=US&forceShow=false&skipCampaigns=false&sessionId=ce5c04f7-a06f-4405-a552-a4f3cfdea281&sessionStarted=1720698449.149&campaignRefreshToken=dbd640ed-546a-4743-94b0-4e92464cc8a1&hideController=false&pageLoadStartTime=1720698441075&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1720698600000/c3ugtv46u366.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.18.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-18-33.iad12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.elastic.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 11 Jul 2024 11:47:29 GMT
etag: W/"b2fde35d08bd6bd86097755383e1d872"
last-modified: Mon, 01 Jul 2024 21:14:23 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 a66cf66feb9f859a61920422b04d33a0.cloudfront.net (CloudFront)
x-amz-cf-id: ToyLcPLrcxdPNjHkx4l-hGnnQihYkkiLwfgWmw-60gzLr3Hpono0LQ==
x-amz-cf-pop: IAD12-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: qdWYJw.Z0x9cYMwIzbqhjOaoN5DkoMFc
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 21

GET
H2 200 chat
js.driftt.com/core/ Frame 7EFB 0
0 432ms
316ms Document
text/html 18.160.18.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1720698441075

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1720698600000/c3ugtv46u366.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.18.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-18-33.iad12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.elastic.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 11 Jul 2024 11:47:29 GMT
etag: W/"b2fde35d08bd6bd86097755383e1d872"
last-modified: Mon, 01 Jul 2024 21:14:23 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 a66cf66feb9f859a61920422b04d33a0.cloudfront.net (CloudFront)
x-amz-cf-id: hqRDNw2FcyfdFopsvTapGsHsGXpM-kDfuiSFwPJna7uXBLzYOZK2FQ==
x-amz-cf-pop: IAD12-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: qdWYJw.Z0x9cYMwIzbqhjOaoN5DkoMFc
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 20

POST
H2 204 collect Show response
analytics.google.com/g/ 0
54 B 68ms
64ms Fetch
text/plain 2607:f8b0:4004:c21::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Q7TEQDPTH5&gtm=45je4790v884236656z8865912973za200zb865912973&_p=1720698441080&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1728627483.1720698444&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&uid=55fe455e-b2f7-4b6c-9ef4-133b6b1b2412&sid=1720698443&sct=1&seg=0&dl=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&dt=Free%20and%20Open%20Search%3A%20The%20Creators%20of%20Elasticsearch%2C%20ELK%20%26%20Kibana%20%7C%20Elastic&_s=2&tfd=9776&_z=fetch
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c21::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 11:47:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elastic.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 events Show response
apm-proxy.app.elstc.co/intake/v2/rum/ 0
284 B 197ms
182ms Fetch 35.188.12.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apm-proxy.app.elstc.co/intake/v2/rum/events

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.188.12.98 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

98.12.188.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Content-Encoding: gzip
Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-ndjson

Response headers

date: Thu, 11 Jul 2024 11:47:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-found-handling-instance: instance-0000000056
x-found-handling-cluster: 3ddd1ee09cc242c4b169d36f5a2b8b77
vary: Accept-Encoding,Origin
access-control-allow-origin: https://www.elastic.co
x-cloud-request-id: ftvbnGTYR6WOZ33iIdB5cQ
content-length: 0

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 3 KB
1 KB 190ms
82ms Fetch
application/json 13.249.39.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?key=OypkowFR6hNpyUCOrEksuFsLsgWN6BE8E6QM0SH0&page=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&page_title=Free%20and%20Open%20Search%3A%20The%20Creators%20of%20Elasticsearch%2C%20ELK%20%26%20Kibana%20%7C%20Elastic&referrer=
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/_next/static/chunks/pages/_app-85ab9ab0521da712.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.39.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-39-46.iad89.r.cloudfront.net
Software: nginx /
Resource Hash: dc5183f681f44d51fdf1387bb8fbc859d28141145441f46eafa3aafbaa7363f5

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 11:47:31 GMT
identification-source: CACHE
content-encoding: gzip
via: 1.1 5eb5e19c1a78889d10ff38f1551ed2aa.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C1
x-cache: Miss from cloudfront
request-id: 9272d425-781a-4429-bdb3-4a775ed1901f
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.elastic.co
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KlNp-lxtMaUdoj6zgKrgjm1uj4oQBH6CDumTZErunMSWHEzn0wJOFQ==
expires: Wed, 10 Jul 2024 11:47:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ibc-flow.techtarget.com
URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=16579567&r=1720698444447&ref=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&version=2.4

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

75 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.elastic.co/	1970-01-21 07:34:18	Name: euid Value: 55fe455e-b2f7-4b6c-9ef4-133b6b1b2412
.elastic.co/	1970-01-21 02:17:30	Name: optimizelyEndUserId Value: oeu1720698441888r0.38818629609300426
.info.elastic.co/	1970-01-20 21:58:20	Name: __cf_bm Value: GVtBJOh238LyCCKmIsvt8vWTWQFbxfWQDJJggHP.Yqg-1720698442-1.0.1.1-3ZHBd5eQKgoYfjzkA5KQBKfGsoMdHYIz0T8KQjA6Ri7b4hwPBGwJYn2.If5gBAg0dHyndi1g.cMcdW5dTPagHw
.elastic.co/	1970-01-20 22:41:30	Name: hashedIp Value: f31998c62cb36da2803aa439b95ce99e23457906656a85ce710714d1695c8b3f
.elastic.co/	1970-01-21 00:07:54	Name: _gcl_au Value: 1.1.612413751.1720698444
.elastic.co/	1970-01-21 00:07:54	Name: _rdt_uuid Value: 1720698444101.28642f44-7223-49a3-867d-9101f21f7cc5
.elastic.co/	1970-01-20 21:59:44	Name: _uetsid Value: 56cc0f503f7b11efaef5c54b9dd91983
.elastic.co/	1970-01-21 07:19:54	Name: _uetvid Value: 56cc5d503f7b11ef87c4794fb59af958
.elastic.co/	1970-01-21 07:34:18	Name: _ga Value: GA1.2.1728627483.1720698444
.elastic.co/	1970-01-20 21:59:44	Name: _gid Value: GA1.2.1958935926.1720698444
.elastic.co/	1970-01-20 21:58:18	Name: _dc_gtm_UA-12395217-10 Value: 1
.bing.com/	1970-01-21 07:19:54	Name: MUID Value: 3E4EA630A9F86D6D2785B289A8E46CC1
.bat.bing.com/	1970-01-20 22:08:23	Name: MR Value: 0
.techtarget.com/	1970-01-20 21:58:20	Name: __cf_bm Value: 4EY7hdLPKI7jlrobl.sPAlGjD27VvKEYLNpkSPZ8n00-1720698444-1.0.1.1-M1Pa9FtyW6WiC5MB0JofBHKSiKWIqYshKoMfNNueOAeEehmQ3ClU5HSco4UrKBhUdPRYXUMDd3Gqi4Y3I7LEoA
.linkedin.com/	1970-01-20 21:59:44	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2961:u=1:x=1:i=1720698444:t=1720784844:v=2:sig=AQEriN-5WzRqmG_S1RMw3_fP_cenPg-K"
.adnxs.com/	1970-01-21 00:07:54	Name: XANDR_PANID Value: 9ZBGjbTCCMA9UTMLPw8MDawaLJ5u2k6nhjmw7qpFAiGYrOXi735Cgn_3FF793zaNC5NZr1vqGyFVdF50do-ptAPbuls10Rd2JyfaWaw4bMw.
.adnxs.com/	1970-01-21 07:34:18	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 00:07:54	Name: uuid2 Value: 361161075277580383
www.elastic.co/	1970-01-21 06:43:54	Name: __spdt Value: f79fb42346424773be20a21aa87093c0
.company-target.com/	1970-01-21 07:34:18	Name: tuuid Value: 425ca364-497e-4fe4-ace2-d03808e51cbd
.company-target.com/	1970-01-21 07:34:18	Name: tuuid_lu Value: 1720698444\|ix:0\|mctv:0\|rp:0
.linkedin.com/	1970-01-21 00:07:54	Name: li_sugr Value: c3ab16f0-6a53-46aa-bd13-b76e661b15b3
.linkedin.com/	1970-01-21 06:43:54	Name: bcookie Value: "v=2&ee0bf484-efa7-4eff-8b5a-a04b7e5ee2b1"
.elastic.co/	1969-12-31 23:59:59	Name: _ce.irv Value: new
.elastic.co/	1969-12-31 23:59:59	Name: cebs Value: 1
.adnxs.com/	1970-01-21 00:07:54	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2C$Ip1dbu!]tbP6j2F-XstGt!@De!$pj8z
.doubleclick.net/	1970-01-21 02:17:30	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-20 22:41:30	Name: ar_debug Value: 1
.linkedin.com/	1970-01-20 22:41:30	Name: UserMatchHistory Value: AQLMm7zANRqK4wAAAZChnprDDlDxqTny7QgSJyvsGBVlOcLWdowHSJkC3ToUXU2gdwdymYsRTvT2Tg
.linkedin.com/	1970-01-20 22:41:30	Name: AnalyticsSyncHistory Value: AQJzGj46k1IpnQAAAZChnprDhL68lTQvvTEkDxg9iMMlf8qOkb1aJ0Kp3XswUlSnio20uezvKbZw_pk4eZkZoA
.twitter.com/	1970-01-21 07:34:18	Name: guest_id_marketing Value: v1%3A172069844450335663
.twitter.com/	1970-01-21 07:34:18	Name: guest_id_ads Value: v1%3A172069844450335663
.twitter.com/	1970-01-21 07:34:18	Name: personalization_id Value: "v1_mqLB+Lb353F+x2Mp8W3ebw=="
.twitter.com/	1970-01-21 07:34:18	Name: guest_id Value: v1%3A172069844450335663
.casalemedia.com/	1970-01-21 06:43:54	Name: CMID Value: Zo-GTNHM47wAAHi1ADcAsgAA
.casalemedia.com/	1970-01-21 00:07:54	Name: CMPS Value: 2776
.casalemedia.com/	1970-01-21 00:07:54	Name: CMPRO Value: 2776
.t.co/	1970-01-21 07:34:18	Name: muc_ads Value: ff220cfa-6465-4fda-b3c8-de33da92a94b
.tremorhub.com/	1970-01-21 06:44:15	Name: tvid Value: d547f37516d74174adc948ac30ebb5b2
.tremorhub.com/	1970-01-21 07:34:18	Name: tv_UIDM Value: 425ca364-497e-4fe4-ace2-d03808e51cbd
.rubiconproject.com/	1970-01-21 06:43:54	Name: khaos Value: LYH7FDH9-28-4266
.rubiconproject.com/	1970-01-21 06:43:54	Name: khaos_p Value: LYH7FDH9-28-4266
.rubiconproject.com/	1970-01-21 00:07:54	Name: receive-cookie-deprecation Value: 1
www.elastic.co/	1970-01-20 22:41:30	Name: dmb_audience Value: Enterprise Business
www.elastic.co/	1970-01-20 22:41:30	Name: dmb_country Value: US
www.elastic.co/	1970-01-20 22:41:30	Name: dmb_demandbase_sid Value: 1714298
www.elastic.co/	1970-01-20 22:41:30	Name: dmb_employee_range Value: Enterprise
www.elastic.co/	1970-01-20 22:41:30	Name: dmb_industry Value: Healthcare & Medical
www.elastic.co/	1970-01-20 22:41:30	Name: dmb_revenue_range Value: Over $5B
www.elastic.co/	1970-01-20 22:41:30	Name: dmb_sub_industry Value: Facilities
www.elastic.co/	1970-01-20 22:41:30	Name: dmb_web_site Value: providence.org
.elastic.co/	1970-01-20 21:59:44	Name: _ce.clock_data Value: 324%2C38.132.118.73%2C1%2C120f067c16b32be659e0180b31e62841%2CChrome%2CUS
.elastic.co/	1969-12-31 23:59:59	Name: cebsp_ Value: 1
.rlcdn.com/	1970-01-21 06:43:54	Name: rlas3 Value: Ulbg0/6b+tjQYFyDVU57U3g9w10q071W2sTPF/OYtIM=
.rlcdn.com/	1970-01-20 23:24:42	Name: pxrc Value: CM2Mv7QGEgUI6AcQABIGCMrdKhAA
.elastic.co/	1970-01-21 06:43:54	Name: _ce.s Value: v~c43e3175023fd04cbce36bdba87b6fa207cffdce~lcw~1720698445278~lva~1720698444456~vpv~0~v11.cs~388538~v11.s~5777efe0-3f7b-11ef-8abf-09e7455be229~lcw~1720698445279
.www.elastic.co/	1970-01-21 07:34:18	Name: vs_vid Value: RXNXEG8J8Tex5
.www.elastic.co/	1969-12-31 23:59:59	Name: vs_vfs Value: 1
.www.elastic.co/	1969-12-31 23:59:59	Name: vs_sid Value: zaBamXK3KhbO0
.www.elastic.co/	1969-12-31 23:59:59	Name: vs_conv_ai Value: 5-9
.www.elastic.co/	1969-12-31 23:59:59	Name: vs_lift_ai Value: 50-54
.www.linkedin.com/	1970-01-21 06:43:54	Name: bscookie Value: "v=1&202407111147252c72938a-f754-4692-8f43-03402e56e615AQEVLsSad_h5d1-TfEFhKHjSggGUYTam"
.elastic.co/	1969-12-31 23:59:59	Name: vs_intent Value: Low
.elastic.co/	1970-01-21 07:34:18	Name: _mkto_trk Value: id:813-MAM-392&token:_mch-elastic.co-1720698445302-15638
.elastic.co/	1970-01-21 00:07:54	Name: _fbp Value: fb.1.1720698445318.400859447662308200
.elastic.co/	1970-01-21 06:43:54	Name: cb_user_id Value: null
.elastic.co/	1970-01-21 06:43:54	Name: cb_group_id Value: null
.elastic.co/	1970-01-21 06:43:54	Name: cb_anonymous_id Value: %22f7557a3d-b317-478f-89a4-46bca4c1c7b6%22
.doubleclick.net/	1970-01-21 07:34:18	Name: IDE Value: AHWqTUmIbd5m2rwJA0LHey_K-R7zL0swshHjAe8ZGSt1wNPSZCToUZVeH1B_U02E
.elastic.co/	1970-01-21 07:34:18	Name: _ga_Q7TEQDPTH5 Value: GS1.1.1720698443.1.0.1720698446.57.0.0
.adsrvr.org/	1970-01-21 06:43:54	Name: TDID Value: de20dbcd-9e97-41cc-bd67-30486e2d954c
.rubiconproject.com/	1970-01-21 06:43:54	Name: audit_p Value: 1\|kSWh+0dwN9SLNd8JihDWj63UtdJU5G57GJYGmUQ6TaSbz16xSA9sXZgEd7ynix4n3lRElTI5a4iM1KxoLazIt5mwZQnb46mpW9SREl71hptETx4AngXONfGRvt2gmNWBXL/Z+4jM4wx0fx7HRfK2sNUleskGTHk/cmESKmf2cwrTmoFL5pKQsaZr5ZVxLWDe
.rubiconproject.com/	1970-01-21 06:43:54	Name: audit Value: 1\|kSWh+0dwN9SLNd8JihDWj63UtdJU5G57GJYGmUQ6TaSbz16xSA9sXZgEd7ynix4n3lRElTI5a4iM1KxoLazIt5mwZQnb46mpW9SREl71hptETx4AngXONfGRvt2gmNWBXL/Z+4jM4wx0fx7HRfK2sNUleskGTHk/cmESKmf2cwrTmoFL5pKQsaZr5ZVxLWDe
.adsrvr.org/	1970-01-21 06:43:54	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI2u-83qjqkD0QBRIWCgdydWJpY29uEgsIgvj4y6jqkD0QBRIXCghhcHBuZXh1cxILCNin-cuo6pA9EAUYBSACKAMyCwjoqvv4vuqQPRAFQg8iDQgBEgkKBXRpZXIzEAFaB2JjaWNleWlgAQ..
www.elastic.co/	1970-01-20 21:58:20	Name: drift_campaign_refresh Value: dbd640ed-546a-4743-94b0-4e92464cc8a1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.elastic.co/blog/how-hunt-masquerade-ball' Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.elastic.co/blog/how-hunt-masquerade-ball' Message: <link rel=preload> must have a valid `as` value
other	warning	URL: https://www.elastic.co/blog/how-hunt-masquerade-ball' Message: <link rel=preload> must have a valid `as` value
other	warning	URL: https://www.elastic.co/blog/how-hunt-masquerade-ball' Message: <link rel=preload> must have a valid `as` value
javascript	error	URL: https://www.elastic.co/blog/how-hunt-masquerade-ball' Message: Access to XMLHttpRequest at 'https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=16579567&r=1720698444447&ref=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&version=2.4' from origin 'https://www.elastic.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=16579567&r=1720698444447&ref=https%3A%2F%2Fwww.elastic.co%2Fblog%2Fhow-hunt-masquerade-ball%27&version=2.4 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10713890.fls.doubleclick.net
813-mam-392.mktoresp.com
a.quora.com
a18132920325.cdn.optimizely.com
ad.doubleclick.net
alb.reddit.com
analytics.google.com
analytics.twitter.com
api.company-target.com
api.demandbase.com
apm-proxy.app.elstc.co
app.clearbit.com
assets-tracking.crazyegg.com
bat.bing.com
cdn.iubenda.com
cdn.optimizely.com
cdn3.optimizely.com
connect.facebook.net
cs.iubenda.com
fonts.googleapis.com
googleads.g.doubleclick.net
ibc-flow.techtarget.com
id.rlcdn.com
idb.iubenda.com
images.contentstack.io
info.elastic.co
insight.adsrvr.org
js.adsrvr.org
js.driftt.com
lift-ai-js.marketlinc.com
logx.optimizely.com
marketo.clearbit.com
match.adsrvr.org
munchkin.marketo.net
pagestates-tracking.crazyegg.com
pixel-config.reddit.com
pixel.byspotify.com
pixels.spotify.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
risk.clearbit.com
s.company-target.com
script.crazyegg.com
secure.adnxs.com
segments.company-target.com
sjrtp2-cdn.marketo.com
snap.licdn.com
static-www.elastic.co
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tag-logger.demandbase.com
tag.clearbitscripts.com
tag.demandbase.com
tapi.optimizely.com
tracking.crazyegg.com
trk.techtarget.com
visitor-scoring-c.marketlinc.com
www.elastic.co
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
x.clearbitjs.com
ibc-flow.techtarget.com
104.17.70.206
104.18.30.209
104.244.42.3
13.107.42.14
13.249.39.46
13.32.182.121
134.213.193.62
142.251.163.155
142.251.179.148
146.75.28.157
151.101.129.140
151.101.130.137
151.101.65.140
162.159.152.17
172.253.63.149
173.194.66.97
18.160.10.69
18.160.10.89
18.160.18.33
18.160.18.68
18.165.83.79
18.165.98.69
18.223.53.13
23.207.134.130
23.213.95.227
23.33.193.145
2400:52e0:1a00::1206:2
2400:52e0:1a00::1207:2
2600:1408:c400:2a::17da:da0e
2600:1408:c400:38c::13b8
2600:1901:1:7c5::
2600:9000:2009:2c00:1d:8d6d:3b40:93a1
2600:9000:2509:1200:7:d7d6:3c40:93a1
2606:4700:4400::ac40:973c
2606:4700::6812:e1f
2606:4700::6813:9308
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c09::8b
2607:f8b0:4004:c1d::9b
2607:f8b0:4004:c21::61
2607:f8b0:4004:c21::8b
2620:1ec:21::14
2620:1ec:c11::237
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
2a04:4e42:200::396
2a04:4e42:200::729
2a04:4e42:400::729
3.132.116.56
3.141.92.115
34.111.208.231
34.117.162.98
34.49.241.189
34.96.71.22
35.188.12.98
35.244.154.8
35.71.131.137
52.85.132.61
52.87.92.154
54.152.178.255
64.233.180.103
68.67.160.137
72.21.81.130
99.84.191.94
01bd6a76b1c046ae954b43977c216bad4c92fc8a3fbe05c281c486386ea786cb
024e41c582154068167df60396174022322fae5b74c245e2085f1c57f5bb60aa
0a6fafbca04f85f5ebcb92b38a5f1445300af196e8aa97803a0569838730f290
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0cb99a895bcceec7ecb212662ae4f7cf0f5f524523359a8e863932d9ee73d17a
128de7d0d5b2541873587ab687c13251b9a8a8919bf03036fb2ad4df3ed9fa1a
130cc310c3284fad385e117c1667e2a5b904457856457ab8cb716bcb087217d1
174a3ee5c69f642b208c8e088c759c612edb70bb3dfa8a26d51d819dc2ca3489
17895ea4d52e8d4e08d16493327cb8117b670f7ea22ecb337871e9e9d1565682
1a59d52f17d7a26549fcd8f2c3e1057b6f851a7809002e3764d73518a7c234ec
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20c03e8fa77116848a56939868a3cc247bd744c0516a027a2b438176d873f6c0
22a49386a872203f459ecf59a84e13a68142f70639ab2258680f44e85fd09fb8
2365eb8fb2b07c00216a641efcd4177720838e57d8bd97be638f684f2c9f1596
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
27b0b70722f00843062f450be0dbe797a3dea123fb8427b190ea75c97cd2d1e2
28b2daaba34cf81a2cfcc1387f8b643970b99217d4bf38d81998f1881728d250
2904795fe5a1b2f28d02857acb595b29c909bbde97a82c35a540ca66624ba409
2aa863a6bdfe901e5d28ce1af309d992ee0c275b5690331ca24430817f387f87
30827b15c369c38b972105fb55c83ec0e72ebc11071f35ffeefd3fd7eaa2a54b
31eefa21668c2a29ce5fe86bc62d60c3820650b5901a55db27d6825511848a97
32edbe83f61127fb12a470de232d0c44cd860c0b01e12446b5192980cf9915d8
33cd5a1523bf99745a7646c46bff9220ec04a60a61b0259ddbabbcea6549c4ad
35df8bc5f2d0bf8011815bd4288312531684e00f5f787319415d8ef9cb3b2644
36fb76e8cf1709aa14f1ff86437298b610d521df026cc17e421d8fb57ed0a895
37bb75771d4f694416c5f62b36cc9d8454f939dc4e7a9778afa7cfbca7c0be2e
3b6718815387fed6eb6dc66171793aace9e8553fd871ac55706ba7f517062702
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
4063e72c353fcac556ca10a2d6d26666e4b486aaefaa1872585b3f9e88b91adb
410e2467e40d82041d4d061ecee6e853250746292ed79aecc066234921b854f6
42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
4ca87b176413c04d0ec8b4e83b7d0990bf1f2485443c88737f5e496326ecf62b
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
530cac6c10c3d23af5d4a730320f81d2afdd5b0632165cb3c122db6988d7926c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
567a38af30fd593cbfde7c06e6b41d8f14dc5cc84392d793b352d55a12bc3cd8
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
5af5ee0b37b1f0ef31c42932bbf81424e4bb53e95e87a47e058625c1af2245db
5c6b16e6d15763c028488e00ac3df87f558a420aa3626ba7cc099f26d7de53e3
5e436bacf043e5b336d1474581e212c7f5f6fc2529bd20db37b01169f50fa7a8
64fd3f7c1f3f05093090f950a257c22e2bcb2edcb9d34e8eda156269acfc0196
65481feeb098e544cb51f30dcacb1907a6f5d3193808eed442ee4f5b4d6b2cf5
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6db58d67e093aa0acd75584edd845d2de2be33a588fc22d9c64873fbf833e5f0
6e8d47fed7e719c4409a31be2bf0e4acbdd21d5b863b77181be4029b399a139a
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
747b3bdf8958ba6ea546f95ee4255f40cdb156a5e61cb7c0b4324f77181c7991
78c6ca08dfdca6848df2980f330e4dd175a45fe8e3986368cd50c34a5da8f1e5
7ca480b9b77f0deec726cf870d050b83a624217f099a39db027f66b605376112
80871f96732c24e4cfb8c658bd18b04196ae432c2de17b4c234436b2e742a162
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8af7bd5b545567adffb3dfceb5bedb353a522d7bf1b3a2b8af7b6064156babc0
9607942e266bb8193783f8bea0310a334d05c2161520a8ca23816e5956df8a1b
980f5af0c090f1950fea315c753978e282e00ed7fc548e787cd01dcf574c3d77
9c2bb98a325220b6514e63f8c7732fd40665eb27219374c4aa271923d787c464
a65e14e0158e993bda515ad8fae0bd5c2306662710712722b58eed35f0ecd962
a673e2cdc5bd55d86ad373fd3b87892b3f0eb6a9b999d00999f5bfd33bd30b66
a8c9129fb9b09f3cd8aa85c160a41ce5710cdb29228652b900cf4ea74c13f8db
a97bc8ec679a82ec782bd76c7302c0ca394c1ad672450f86f87bee5e0ec06b19
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af089469006746453ec063320ede74373e76ad5e02979772f2deac10c838f6bd
b2fcad0da1fac1591660d7fd76e835502e448336c3629498b769f86248950041
b5ba1c490f21a75341ba57f563d231ff7b466222da8ba7364c5ebe5705c7b4b8
b8291ac2cef05851c83bd2aa96f90317064e6559d0ffa372a0932175ee9897d5
be8c45598c314d84a7d25f73fbb801c1e7e5eba32b047ee68543f033c912bdaa
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
c4e3e359a856ad0a1976b66c934301135a3e85ccf8f0353da823f385bc4d23b9
c667ab2f123ed450a52309995bfe1a4dcd6c62dc63fad468db86f621b6afd68c
c8b428cc3366b0b2cf2d6b7e5fd1be1416fe411777526095dfae2c0a5d9967f6
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf3d32f0a43e6e04d76d9e3b86cc5f415c1709c999bf21abc50d65e125dedd33
d0e3b2d5f0bf63e6a572eb1ca0e71c41235155674b23b699d41396d02af1e66d
d5c17953295bb977d6fb3cb53ff2abec93be7a954bcc6fd38823f320c77b0714
d608225c48a0a7ec4d3665991dba4382c292c1c389f469e522600923d47168a6
dbfeb010a0c8acddc38dea97e228787f16ac5e30b4af96b764fa2252fe3827e4
dc5183f681f44d51fdf1387bb8fbc859d28141145441f46eafa3aafbaa7363f5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df4bc968515a2d2e12f42248a74536e1eef5beea7bf3b8b511e62296989040fd
dfc55f64887b4aab1062eec4f8aa541bdb6410ca1408778c9422c5daf072bc57
e15377387c329960f9746b4232e4c0f49083c411ac5ba9d51ac3cb45f0648f36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8f74416e7bc7051dbd2c0b2dec8cdb9a5ba4b36f88ba1b65c3e7dd7447b4090
ea33ed1e08bebba48438484f21e2c4d0961f1df4b2fa2f6053b1a788156fc1b4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc1fa5538d5ca8aaa42621aac2b005f5797e68132c3ebb4bb925f39423f7972
f1de032c434c6304a206f36f19a7a756b0eddc6f770b7760cffe9e87fed49f6c
f39985eb9c514632a3f01514b3539d95207d0a73ff359000ae443f897759da8d
f447981ed1b34305eff4623b1e4338434e3b05fd5217b04adc5620b8576873a5
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5
f79982f09db7b58d3da73047b535f2b13ec64294e3339442aca9833b08e82901
f81ff0361ff937b97dc45577155d36d46065e921d68f034cc874a71b65774e30

www.elastic.co Open in urlscan Pro 2a04:4e42:400::729 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

132 Requests

95 %HTTPS

34 %IPv6

38 Domains

67 Subdomains

64 IPs

3 Countries

2455 kBTransfer

7347 kBSize

75 Cookies

18 Outgoing links

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.elastic.co Open in urlscan Pro
2a04:4e42:400::729 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

95 %
HTTPS

34 %
IPv6

38
Domains

67
Subdomains

64
IPs

3
Countries

2455 kB
Transfer

7347 kB
Size

75
Cookies

132 HTTP transactions
0 data transactions