URL: https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solut...
Submission: On November 07 via manual from US — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 4 domains to perform 382 HTTP transactions. The main IP is 2606:4700::6812:195e, located in United States and belongs to CLOUDFLARENET, US. The main domain is eqlplayground.io.
TLS certificate: Issued by WE1 on September 18th 2024. Valid for: 3 months.
This is the only time eqlplayground.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700::68... 13335 (CLOUDFLAR...)
344 104.18.25.94 13335 (CLOUDFLAR...)
1 2600:1901:0:f... 15169 (GOOGLE)
6 151.101.130.217 54113 (FASTLY)
4 3.221.38.139 14618 (AMAZON-AES)
2 2600:1901:0:2... 15169 (GOOGLE)
4 35.195.130.253 396982 (GOOGLE-CL...)
1 34.95.113.255 396982 (GOOGLE-CL...)
382 9
Apex Domain
Subdomains
Transfer
345 eqlplayground.io
eqlplayground.io
9 MB
10 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 767
events.launchdarkly.com — Cisco Umbrella Rank: 884
5 KB
4 es.io
ade34e15ce8041d483d0a571d4543a15.apm.europe-west1.gcp.cloud.es.io
136 B
4 elastic.co
feeds.elastic.co — Cisco Umbrella Rank: 95564
telemetry.elastic.co — Cisco Umbrella Rank: 52039
970 B
382 4
Domain Requested by
345 eqlplayground.io eqlplayground.io
6 app.launchdarkly.com eqlplayground.io
4 ade34e15ce8041d483d0a571d4543a15.apm.europe-west1.gcp.cloud.es.io eqlplayground.io
4 events.launchdarkly.com eqlplayground.io
3 telemetry.elastic.co eqlplayground.io
1 feeds.elastic.co eqlplayground.io
382 6

This site contains links to these domains. Also see Links.

Domain
www.elastic.co
Subject Issuer Validity Valid
eqlplayground.io
WE1
2024-09-18 -
2024-12-17
3 months crt.sh
apm-agent-versions.elastic.co
WR3
2024-11-07 -
2025-02-05
3 months crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-04-04 -
2025-05-06
a year crt.sh
events.launchdarkly.com
Amazon ECDSA 256 M03
2024-07-16 -
2025-08-14
a year crt.sh
telemetry.elastic.co
R10
2024-10-22 -
2025-01-20
3 months crt.sh
*.europe-west1.gcp.elastic-cloud.com
R10
2024-10-07 -
2025-01-05
3 months crt.sh

This page contains 1 frames:

Primary Page: https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
Frame ID: 69C34CB89BE7D127F1AAE932A3CC733E
Requests: 376 HTTP requests in this frame

Screenshot

Page Title

Users - Kibana

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

382
Requests

95 %
HTTPS

38 %
IPv6

4
Domains

6
Subdomains

9
IPs

3
Countries

9008 kB
Transfer

33419 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

382 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request events
eqlplayground.io/s/eqldemo/app/security/users/name/administrador/
203 KB
35 KB
Document
General
Full URL
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:195e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3aa95513da19c77fda3c493b2e93e95855610f153735c0ecc864170f4a5a25
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8df0c2394c0dd9d2-FRA
content-encoding
br
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Thu, 07 Nov 2024 22:28:51 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy
strict-origin-when-cross-origin
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
accept-encoding
x-content-type-options
nosniff
x-frame-options
DENY
kbn-ui-shared-deps-npm.v8.light.css
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
173 KB
25 KB
Stylesheet
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.v8.light.css
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91c42647e0ac8abca234e6d5ae5f11cff97bf4970bffbe3226ab6e7cb6a70c27
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293419
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 31 Oct 2024 12:02:07 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23b18222c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
kbn-ui-shared-deps-src.css
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-src/
83 KB
14 KB
Stylesheet
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-src/kbn-ui-shared-deps-src.css
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7977326224b9e3f624d11dc2ef56f89f793a01363fbb7f4f8f7f99b2d3e101a8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293419
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:38 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23b18232c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
legacy_light_theme.min.css
eqlplayground.io/ui/
77 KB
12 KB
Stylesheet
General
Full URL
https://eqlplayground.io/ui/legacy_light_theme.min.css
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
112ba6f9abac8104fdfaf624e0fc4376e79954ab8a515298e14d7623622d4127
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
"8e63f7c5a6041612e93d8641f4bbea87da3f0115-gzip"
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 02:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 19 Feb 2024 12:18:33 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=14400
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23b18242c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
bootstrap.js
eqlplayground.io/s/eqldemo/
25 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/s/eqldemo/bootstrap.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e171aacc7d894ed92e6b1b54fb557613ad7e266089d2d990be81a226dabfc7d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
"08bb946784465fbf4ae9781b635c4cf029010183-gzip"
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 02:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=14400
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23b58452c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
kbn-ui-shared-deps-npm.dll.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
6 MB
2 MB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
023fee560cd5eae09253bebf2afda0f17ee849ad8a9f83741e06efc9517fd698
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 15 Jul 2024 11:23:17 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23ce94b2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
kbn-ui-shared-deps-src.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-src/
2 MB
587 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-src/kbn-ui-shared-deps-src.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a47befc126621a6156a7e1395608e5829f2de24a926b37a634277d1bb016e582
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 21 Apr 2024 02:14:53 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23ce94c2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
core.entry.js
eqlplayground.io/70281/bundles/core/
375 KB
91 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/core/core.entry.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
665d45c1ac595201c14e25707ca2a8a6911b8a151c5552c3a3750a020a181d23
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:26 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23ce9502c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
ux.plugin.js
eqlplayground.io/70281/bundles/plugin/ux/1.0.0/
7 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/ux/1.0.0/ux.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94bdcd2852a704c7d71feda9722e555f0f70c32bbf5346845340797ac75cfb35
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293418
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 14 Apr 2024 02:53:23 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23ce9522c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2304
server
cloudflare
maps.plugin.js
eqlplayground.io/70281/bundles/plugin/maps/1.0.0/
47 KB
14 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/maps/1.0.0/maps.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
362bf30b0257a8f7bb2a4c6d5c9574c7e5ac327bf49c1ee4920c8d482822426c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293418
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 26 May 2024 15:51:04 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23ce9552c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
fieldFormats.plugin.js
eqlplayground.io/70281/bundles/plugin/fieldFormats/1.0.0/
63 KB
19 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/fieldFormats/1.0.0/fieldFormats.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0a6b578616fcfd3760225750cd2d474cc737fc38987296097ca9a67db2a6eb5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293418
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 16 Apr 2024 01:56:41 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23ce9562c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
unifiedSearch.plugin.js
eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/
35 KB
10 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/unifiedSearch.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1594e33a4a9201b36450b9c51d702b27bef09825876ee8c18a16f23be334c875
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293418
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:39 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23ce9572c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
textBasedLanguages.plugin.js
eqlplayground.io/70281/bundles/plugin/textBasedLanguages/1.0.0/
5 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/textBasedLanguages/1.0.0/textBasedLanguages.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
569b18005297a489cc3ea1c4b716095c41271cfd5c55c7dfc1387ee1b158ada9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:25 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23ce9582c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2112
server
cloudflare
kibanaReact.plugin.js
eqlplayground.io/70281/bundles/plugin/kibanaReact/1.0.0/
42 KB
13 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/kibanaReact/1.0.0/kibanaReact.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13524375c83cf34dbd6c5a092152c91c73bdb426fedfaf0b8bcf9ea3db8c5309
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293417
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 26 May 2024 15:51:04 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23ce95a2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
data.plugin.js
eqlplayground.io/70281/bundles/plugin/data/1.0.0/
414 KB
95 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/data/1.0.0/data.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe5a4be20353cbd2670f9578f6256dafb3d14b15a049be907173ceeb9470213e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293417
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:20 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf95c2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
inspector.plugin.js
eqlplayground.io/70281/bundles/plugin/inspector/1.0.0/
22 KB
8 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/inspector/1.0.0/inspector.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
727e33a69c6addde047e6a89878f8207d431706fa95df8c058768f34fc4626e2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293417
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 14 Aug 2024 19:09:42 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf95e2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
kibanaUtils.plugin.js
eqlplayground.io/70281/bundles/plugin/kibanaUtils/1.0.0/
74 KB
25 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/kibanaUtils/1.0.0/kibanaUtils.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36fd8c86fdd15efa720910ee85e5121e28ed66a28e8ef58e2835be45fdcaf92f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293417
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:20 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf95f2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
usageCollection.plugin.js
eqlplayground.io/70281/bundles/plugin/usageCollection/1.0.0/
5 KB
2 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/usageCollection/1.0.0/usageCollection.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ded7d1cbb8daf28e6b03da2e480228ab00a7620c3551ea983b072581803c68c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293417
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 Nov 2024 12:16:37 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9602c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1883
server
cloudflare
observability.plugin.js
eqlplayground.io/70281/bundles/plugin/observability/1.0.0/
103 KB
31 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b8b644a90913f673899aabe2bade453dd28700c82ebcdeff672ec62edeefed3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293417
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 25 Oct 2024 03:26:35 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9612c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
spaces.plugin.js
eqlplayground.io/70281/bundles/plugin/spaces/1.0.0/
25 KB
8 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/spaces/1.0.0/spaces.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45990338b4570bac6f22c60ee0732b7ce0c417219cc9ed77a656929fb3ad1d97
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 17 Oct 2024 15:39:07 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9622c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
esUiShared.plugin.js
eqlplayground.io/70281/bundles/plugin/esUiShared/1.0.0/
156 KB
43 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/esUiShared/1.0.0/esUiShared.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351831420694db689708bd7188eb8322f81262c328b4c44cdbd482be4ea79899
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293416
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:20 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9632c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
dataViews.plugin.js
eqlplayground.io/70281/bundles/plugin/dataViews/1.0.0/
47 KB
14 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/dataViews/1.0.0/dataViews.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e888c22e2de877afbafccb3e51514d0a256868e03abe09d934d1bd2eb677ddb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:39 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9642c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
stackAlerts.plugin.js
eqlplayground.io/70281/bundles/plugin/stackAlerts/1.0.0/
24 KB
7 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/stackAlerts/1.0.0/stackAlerts.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b7f6d4212f05f03591c5c3fcf943f02f55e03aeef6238a04e64bb110d5f0ca9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293416
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 10 Oct 2024 23:46:36 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9662c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
exploratoryView.plugin.js
eqlplayground.io/70281/bundles/plugin/exploratoryView/1.0.0/
44 KB
12 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/exploratoryView/1.0.0/exploratoryView.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eca894a778e286ef0a3bee56ad0b6147a2b2a60b0b0eb888006e7b704a8c657c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 25 Oct 2024 03:26:35 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9672c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
visualizations.plugin.js
eqlplayground.io/70281/bundles/plugin/visualizations/1.0.0/
57 KB
18 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/visualizations/1.0.0/visualizations.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f53dbec5859ab3323774cf3f2be838d22f8b1a811084ce2a473f9ba078b066e8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293416
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 31 Oct 2024 13:54:52 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9682c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
charts.plugin.js
eqlplayground.io/70281/bundles/plugin/charts/1.0.0/
45 KB
16 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/charts/1.0.0/charts.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5bfe1ea7b7c2e42789e6c881b7ab5d40e1c6915f525f69d530f7110feece269
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293416
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:20 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9692c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
lens.plugin.js
eqlplayground.io/70281/bundles/plugin/lens/1.0.0/
39 KB
11 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/lens/1.0.0/lens.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49ea5ca61783fa9fb26fd519a6738c86efcc61b407b2f6284ced0c40dfe5441b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293416
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:39 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf96b2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
embeddable.plugin.js
eqlplayground.io/70281/bundles/plugin/embeddable/1.0.0/
79 KB
22 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/embeddable/1.0.0/embeddable.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acde3d1b3acf9882d24ab27154153f9c494d7acca898628d994f9307482d5ef7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293416
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 11:48:01 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf96c2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
savedObjects.plugin.js
eqlplayground.io/70281/bundles/plugin/savedObjects/1.0.0/
22 KB
8 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/savedObjects/1.0.0/savedObjects.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c69141d4248a01ca9f0d542d57317104930b8a33431c830c7eb405145fde9423
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:40 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf96d2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
apm.plugin.js
eqlplayground.io/70281/bundles/plugin/apm/1.0.0/
37 KB
10 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/apm/1.0.0/apm.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74a7a3dfd20c1079e21defdb48de78c053be7fc636bcab2b0c5e9f972665707a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 16 Apr 2024 08:49:56 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf96e2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
observabilityAIAssistant.plugin.js
eqlplayground.io/70281/bundles/plugin/observabilityAIAssistant/1.0.0/
15 KB
6 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/observabilityAIAssistant/1.0.0/observabilityAIAssistant.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4b738c0a60d797eb89de3ca1584c72523bd01c4ecab38b18477f16c0166b48e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293415
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 04 Jul 2024 00:53:02 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf96f2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
ml.plugin.js
eqlplayground.io/70281/bundles/plugin/ml/1.0.0/
79 KB
21 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/ml/1.0.0/ml.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29d23109fa47d8f3e0ca76e4aa22ab45633958971dcbcabcc40b334da2873cc3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 16 Apr 2024 01:56:41 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9702c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
savedObjectsFinder.plugin.js
eqlplayground.io/70281/bundles/plugin/savedObjectsFinder/1.0.0/
3 KB
2 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/savedObjectsFinder/1.0.0/savedObjectsFinder.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70061e3263d04f3333568671836b464bd1ef31c73ac0de1bedd049079f4b925a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293415
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 30 Oct 2024 14:58:38 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9722c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1473
server
cloudflare
savedObjectsManagement.plugin.js
eqlplayground.io/70281/bundles/plugin/savedObjectsManagement/1.0.0/
20 KB
6 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/savedObjectsManagement/1.0.0/savedObjectsManagement.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c12eadfa3d39c0f52315fbb9e2fdadffc44a5bcc968d9935cac52b4ee58d8ae3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:26 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9732c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
dashboard.plugin.js
eqlplayground.io/70281/bundles/plugin/dashboard/1.0.0/
36 KB
11 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/dashboard/1.0.0/dashboard.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e6cacdd1bcdd187c025d2934de613255c28b1fb605daea7e60505726d5a76a7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293415
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:40 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9742c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
presentationUtil.plugin.js
eqlplayground.io/70281/bundles/plugin/presentationUtil/1.0.0/
36 KB
13 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/presentationUtil/1.0.0/presentationUtil.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
714f10b62b4234d408a0b8cc0ec920e9cbb8a74105e461f1f4501dd14de4b9ad
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 07 Nov 2024 22:28:51 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9772c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
cases.plugin.js
eqlplayground.io/70281/bundles/plugin/cases/1.0.0/
168 KB
44 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/cases/1.0.0/cases.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87fd570d0ec732ebbd19fb1c1bd9e769d3cd7efebf6d64f4c9e3846c0a59da5f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 11:48:01 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9782c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
fleet.plugin.js
eqlplayground.io/70281/bundles/plugin/fleet/1.0.0/
157 KB
40 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/fleet/1.0.0/fleet.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13ccdbf8226b1f3b5d68bb6b82d11245eb2012e71f73f4b378b519315724e313
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 07 Nov 2024 22:28:51 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9792c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
logsShared.plugin.js
eqlplayground.io/70281/bundles/plugin/logsShared/1.0.0/
221 KB
65 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/logsShared/1.0.0/logsShared.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3918eba87f5a3128891e05d43cdb70145b615d3c0ebe10f1ee2a7138379f8e9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:20 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf97a2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
advancedSettings.plugin.js
eqlplayground.io/70281/bundles/plugin/advancedSettings/1.0.0/
10 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/advancedSettings/1.0.0/advancedSettings.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
256da5c755a605d4823b4d52b2484f6836843ba4185a27e653145ef67def90e7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:26 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf97b2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3405
server
cloudflare
assetManager.plugin.js
eqlplayground.io/70281/bundles/plugin/assetManager/1.0.0/
3 KB
2 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/assetManager/1.0.0/assetManager.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b6ae0193fe65771963724c08769e4a8e4288bf293550bf79423f937f8b73b4a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 14 Mar 2024 18:27:10 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf97d2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1096
server
cloudflare
dashboardEnhanced.plugin.js
eqlplayground.io/70281/bundles/plugin/dashboardEnhanced/1.0.0/
14 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/dashboardEnhanced/1.0.0/dashboardEnhanced.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e831abf6e703769191b2958dcf7a9b66f0390f23fa4dfa81bc67849771822be
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293414
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 05 Jun 2024 21:12:58 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf97e2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
imageEmbeddable.plugin.js
eqlplayground.io/70281/bundles/plugin/imageEmbeddable/1.0.0/
9 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/imageEmbeddable/1.0.0/imageEmbeddable.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
855f59eecbff1bfbbd7c16282ac127f2c204816c97097c0b6adc1ec0634a81c4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293414
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 11:48:01 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf97f2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3227
server
cloudflare
embeddableEnhanced.plugin.js
eqlplayground.io/70281/bundles/plugin/embeddableEnhanced/1.0.0/
7 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/embeddableEnhanced/1.0.0/embeddableEnhanced.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5fb551da13b927f20a6da352c2c43963a92cebd9b03cb07a4ea6cf71d864ecf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293414
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 31 Oct 2024 13:54:58 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9802c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2341
server
cloudflare
eventAnnotationListing.plugin.js
eqlplayground.io/70281/bundles/plugin/eventAnnotationListing/1.0.0/
11 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/eventAnnotationListing/1.0.0/eventAnnotationListing.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a65dde7e9e4ae0947c8e1f6bf293ead5d71bb10aca162775858916e1064048b7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293414
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:39 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9812c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3725
server
cloudflare
securitySolutionEss.plugin.js
eqlplayground.io/70281/bundles/plugin/securitySolutionEss/1.0.0/
10 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolutionEss/1.0.0/securitySolutionEss.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1579363bef6ab43bcb9a3813d236b9a5454599858bd5aabd7a071bfc3321c80
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
188323
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 31 Oct 2024 12:21:40 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9822c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3940
server
cloudflare
securitySolution.plugin.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
67 KB
17 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5f156ef890a11a7267c257cb9665557e044e8f10f29877ae457be401ff1d7fb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293414
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:39 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9842c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
lists.plugin.js
eqlplayground.io/70281/bundles/plugin/lists/1.0.0/
4 KB
2 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/lists/1.0.0/lists.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d07fc264340fa7982d59b8a9ca684c374652a564fe8fd5985a5f51e068ceebcc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293414
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 14 Mar 2024 18:27:10 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9852c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1591
server
cloudflare
aiAssistantManagementObservability.plugin.js
eqlplayground.io/70281/bundles/plugin/aiAssistantManagementObservability/1.0.0/
4 KB
2 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/aiAssistantManagementObservability/1.0.0/aiAssistantManagementObservability.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85410f1632ee30f4158be8acf623d27640a88c7965195b42820332e9fac548bf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:26 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9862c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1646
server
cloudflare
logstash.plugin.js
eqlplayground.io/70281/bundles/plugin/logstash/1.0.0/
14 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/logstash/1.0.0/logstash.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddff7569e6de75efa8ab1134f46b7049ba4b380763212235eaf33ab42bfb0dc7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293414
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:20 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9872c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
monitoring.plugin.js
eqlplayground.io/70281/bundles/plugin/monitoring/1.0.0/
24 KB
7 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/monitoring/1.0.0/monitoring.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f56256f0edb8c550ff8f17b2b37e7206cb966c6eef5b3ece0e5e2e9aa8c56eb3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293414
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 15 Aug 2024 22:48:04 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9882c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
alerting.plugin.js
eqlplayground.io/70281/bundles/plugin/alerting/1.0.0/
23 KB
8 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/alerting/1.0.0/alerting.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e0d00aa21ae78f12d140635035f23a6f699d189b47e053ebb67218127f80d37
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293414
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 15 Aug 2024 22:48:04 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf98a2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
upgradeAssistant.plugin.js
eqlplayground.io/70281/bundles/plugin/upgradeAssistant/1.0.0/
23 KB
7 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/upgradeAssistant/1.0.0/upgradeAssistant.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05453a780a20abedba88e8933096b559a7af9b740062ab5d14b2795b8ba77627
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 07 Nov 2024 07:48:10 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf98d2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
infra.plugin.js
eqlplayground.io/70281/bundles/plugin/infra/1.0.0/
103 KB
26 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/infra/1.0.0/infra.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b01dd5f6c0f0f62eac9fda3ed004915e157dd149b70c9593a5526489dc956c92
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293414
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 31 Oct 2024 13:54:59 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf98f2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
controls.plugin.js
eqlplayground.io/70281/bundles/plugin/controls/1.0.0/
38 KB
11 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/controls/1.0.0/controls.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
349a56ec56afa6643e7a5faf900209c78aee39a5931191ace4a33feb94a7a2a3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 14 Mar 2024 18:27:10 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9902c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
licenseManagement.plugin.js
eqlplayground.io/70281/bundles/plugin/licenseManagement/1.0.0/
11 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/licenseManagement/1.0.0/licenseManagement.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a6cb26acdf2100e658807b573ad8e50979919000b5288bd802f835a6c08aaf8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 14 Aug 2024 22:06:59 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9912c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
telemetryManagementSection.plugin.js
eqlplayground.io/70281/bundles/plugin/telemetryManagementSection/1.0.0/
4 KB
2 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/telemetryManagementSection/1.0.0/telemetryManagementSection.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3b6f660f3444573d21cf8c2e995b77db5e70173d398a26fb6e3a5236e2b8e0c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293414
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 25 Oct 2024 03:26:34 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9922c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1835
server
cloudflare
observabilityOnboarding.plugin.js
eqlplayground.io/70281/bundles/plugin/observabilityOnboarding/1.0.0/
6 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/observabilityOnboarding/1.0.0/observabilityOnboarding.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad86bab9db61b5e20b60f071b90244fee09116f0a055f054c79992e6696c0794
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293413
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 11:48:01 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9932c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2124
server
cloudflare
profiling.plugin.js
eqlplayground.io/70281/bundles/plugin/profiling/1.0.0/
19 KB
7 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/profiling/1.0.0/profiling.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c13b25b5ed44010a76149e2cacf578596f14698349bf3c2144f3dc682b70e1d9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293413
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 11:48:01 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9942c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
synthetics.plugin.js
eqlplayground.io/70281/bundles/plugin/synthetics/1.0.0/
20 KB
6 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/synthetics/1.0.0/synthetics.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cda492a80b4106ca2560136ded4057d3a5d7d29bc4d2d0880a1d21aa87c9529d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293413
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 31 Oct 2024 13:55:00 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9952c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
unifiedDocViewer.plugin.js
eqlplayground.io/70281/bundles/plugin/unifiedDocViewer/1.0.0/
10 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/unifiedDocViewer/1.0.0/unifiedDocViewer.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0af62c54eced199f8ca77914e00497e5ab6f1f81387dceb388d5e8ccd587c59d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293413
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 24 Oct 2024 08:18:06 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9962c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3714
server
cloudflare
indexLifecycleManagement.plugin.js
eqlplayground.io/70281/bundles/plugin/indexLifecycleManagement/1.0.0/
27 KB
8 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/indexLifecycleManagement/1.0.0/indexLifecycleManagement.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2ea8a5c23d66bf4228fdbd816cac377e460a2a3c94d1243a078d896c4e8a939
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 07 Nov 2024 22:28:51 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23cf9972c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
indexManagement.plugin.js
eqlplayground.io/70281/bundles/plugin/indexManagement/1.0.0/
35 KB
10 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/indexManagement/1.0.0/indexManagement.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bc33c3a66271ba9a442c8d87a309dd0527b91ba5cbfde7017d2fb587c50f475
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293413
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 03 Jul 2024 19:47:39 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d19982c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
runtimeFields.plugin.js
eqlplayground.io/70281/bundles/plugin/runtimeFields/1.0.0/
11 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/runtimeFields/1.0.0/runtimeFields.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1332e68a6d8766a1dfa6f7afec292d577acd004730076096aa26f4da843e4ab0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 14 Aug 2024 16:31:07 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d19992c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3756
server
cloudflare
uptime.plugin.js
eqlplayground.io/70281/bundles/plugin/uptime/1.0.0/
23 KB
7 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/uptime/1.0.0/uptime.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9301d2d5c3d4d84d56ca5947d923f6f305b19720b552019729c09a7e652791ed
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 22 Apr 2024 07:05:22 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d299d2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
enterpriseSearch.plugin.js
eqlplayground.io/70281/bundles/plugin/enterpriseSearch/1.0.0/
41 KB
8 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/enterpriseSearch/1.0.0/enterpriseSearch.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ef3dd0fbe48bce1a735eb8c6dd34e7184c964c21a14255fab548725b02616e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293413
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 22 Apr 2024 07:05:22 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d299f2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
observabilityLogExplorer.plugin.js
eqlplayground.io/70281/bundles/plugin/observabilityLogExplorer/1.0.0/
32 KB
12 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/observabilityLogExplorer/1.0.0/observabilityLogExplorer.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14f2db6a0b389fc04aba782edc1c41887dab68290ceef4b4f9f06742f65c5e0a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 25 Oct 2024 03:26:35 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d29a02c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
dataVisualizer.plugin.js
eqlplayground.io/70281/bundles/plugin/dataVisualizer/1.0.0/
23 KB
8 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/dataVisualizer/1.0.0/dataVisualizer.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
667c373fa577643b67a412ada56d84fb4916ff555640b61f0eabbffe135952c3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293413
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 14 Mar 2024 18:27:10 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d29a22c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
uiActions.plugin.js
eqlplayground.io/70281/bundles/plugin/uiActions/1.0.0/
20 KB
7 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/uiActions/1.0.0/uiActions.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9da5dfcaffe786e30ec5ce1202909dbefc42f414ae51ba6da299deb8a5eb80ca
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 17 Jun 2024 08:21:45 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d29a62c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
discoverEnhanced.plugin.js
eqlplayground.io/70281/bundles/plugin/discoverEnhanced/1.0.0/
6 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/discoverEnhanced/1.0.0/discoverEnhanced.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e4309df24358ec9d445ed8ed55f05af68e1c37511b18377ec8acb65fd6c2cf5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293413
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:39 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d29a82c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2265
server
cloudflare
cloudDefend.plugin.js
eqlplayground.io/70281/bundles/plugin/cloudDefend/1.0.0/
9 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/cloudDefend/1.0.0/cloudDefend.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c5f199f5f9d70c34cc31b6027131a7f84724326665bb1354a96d6634a53bec2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293413
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:20 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d29a92c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3349
server
cloudflare
cloudSecurityPosture.plugin.js
eqlplayground.io/70281/bundles/plugin/cloudSecurityPosture/1.0.0/
16 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/cloudSecurityPosture/1.0.0/cloudSecurityPosture.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fe1ce0bde96c66c2dbdcab3383723c21b13052d462cc50a32ecf0d73e5418a5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 26 Mar 2024 08:02:40 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d29aa2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
datasetQuality.plugin.js
eqlplayground.io/70281/bundles/plugin/datasetQuality/1.0.0/
34 KB
10 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/datasetQuality/1.0.0/datasetQuality.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cb89428f07b9cab469c59107769a59f39ab338287e08af2f721d8e80e25ddc5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293413
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 02 Oct 2024 11:36:58 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d29ab2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
crossClusterReplication.plugin.js
eqlplayground.io/70281/bundles/plugin/crossClusterReplication/1.0.0/
12 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/crossClusterReplication/1.0.0/crossClusterReplication.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3432682c406cbed08c3b642985d76116794659e190dbc8656a91fb1c84a46ff
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:20 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d29ae2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3808
server
cloudflare
remoteClusters.plugin.js
eqlplayground.io/70281/bundles/plugin/remoteClusters/1.0.0/
9 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/remoteClusters/1.0.0/remoteClusters.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a68f161e36ad8f046a0d1b61bc584afc0b47474f427a70c09db9fa63fc51e3bd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 05:03:47 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d29af2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3096
server
cloudflare
rollup.plugin.js
eqlplayground.io/70281/bundles/plugin/rollup/1.0.0/
12 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/rollup/1.0.0/rollup.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae607251f0c14e5e46b20e168d13cf21e579a09fc38030d85120cc3ad1e6e87d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293413
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:20 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d29b02c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
logExplorer.plugin.js
eqlplayground.io/70281/bundles/plugin/logExplorer/1.0.0/
39 KB
11 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/logExplorer/1.0.0/logExplorer.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9be0e14c2e205ccf22bd336e59af1308c0dd60d4665977bdce65a6e1fec89cad
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
188323
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:20 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d29b12c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
osquery.plugin.js
eqlplayground.io/70281/bundles/plugin/osquery/1.0.0/
51 KB
18 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/osquery/1.0.0/osquery.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
286498d14fabf8f9c328149254c6052f0294d1baa502d073fe657350b7b4f7f9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:20 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d29b22c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
canvas.plugin.js
eqlplayground.io/70281/bundles/plugin/canvas/1.0.0/
13 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/canvas/1.0.0/canvas.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d8bd2fb5880363a4c2536fc07b39051068af1cd71ad84c34478634748161610
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293413
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 05 Jun 2024 21:12:58 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d29b42c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
reporting.plugin.js
eqlplayground.io/70281/bundles/plugin/reporting/1.0.0/
44 KB
13 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/reporting/1.0.0/reporting.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb71c9f79118190478e3de3ee6927875ab085538071ff68f02d876083db9e112
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:39 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d39bd2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
discover.plugin.js
eqlplayground.io/70281/bundles/plugin/discover/1.0.0/
31 KB
11 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/discover/1.0.0/discover.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5f2de0e18411f08c2b28641d5bdb88b4a8e193337eea3012170cc2b8a5aeec7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293413
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:20 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d49c22c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
links.plugin.js
eqlplayground.io/70281/bundles/plugin/links/1.0.0/
34 KB
11 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/links/1.0.0/links.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f49034ea9d1410671911440c098b67d8f85bf927a6119a8c19ed0bb1d47130af
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 22 Apr 2024 04:54:48 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d59c52c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
aiops.plugin.js
eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/
8 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/aiops.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97219d6f6aacbb93755731bda61ed712d13cd9b7ab705816a844201f21960073
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:26 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d59c82c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2432
server
cloudflare
metricsDataAccess.plugin.js
eqlplayground.io/70281/bundles/plugin/metricsDataAccess/1.0.0/
57 KB
11 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/metricsDataAccess/1.0.0/metricsDataAccess.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d3189d07906e8589cf16b1429b003e65b822545546440d5a2d9062fcc5526b1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293412
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 03 Jul 2024 19:47:40 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d59cb2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
observabilityShared.plugin.js
eqlplayground.io/70281/bundles/plugin/observabilityShared/1.0.0/
50 KB
16 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/observabilityShared/1.0.0/observabilityShared.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd90dcc72996fbe8865aec097c097fa913abe2ba9ba2bca4ce0c628c4f6f2766
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293412
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 14 Aug 2024 22:07:01 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d59cf2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
threatIntelligence.plugin.js
eqlplayground.io/70281/bundles/plugin/threatIntelligence/1.0.0/
13 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/threatIntelligence/1.0.0/threatIntelligence.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d10b605ac4fc080cdff031f2c2287c30f19342a7f7656efbe427b5574cd1d6fb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 22 Apr 2024 07:05:24 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d69d12c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
4031
server
cloudflare
kubernetesSecurity.plugin.js
eqlplayground.io/70281/bundles/plugin/kubernetesSecurity/1.0.0/
6 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/kubernetesSecurity/1.0.0/kubernetesSecurity.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b01ee170f5df481a1cd5931ca92df172315fcd3f3d927463681cd91ce9460ff
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:26 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d69d32c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2217
server
cloudflare
sessionView.plugin.js
eqlplayground.io/70281/bundles/plugin/sessionView/1.0.0/
8 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/sessionView/1.0.0/sessionView.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65e909d84ef5447d5de92a572e03a8a4a1108b08ac121b41bf8e302ab3eb9c82
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293412
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:20 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d69d82c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3017
server
cloudflare
timelines.plugin.js
eqlplayground.io/70281/bundles/plugin/timelines/1.0.0/
110 KB
29 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/timelines/1.0.0/timelines.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bb487c2bea3ecf66f7b29d38d1752d8a3285499caf2dd815a462aecba110afa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 22 Jun 2024 14:44:52 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d69d92c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
stackConnectors.plugin.js
eqlplayground.io/70281/bundles/plugin/stackConnectors/1.0.0/
43 KB
11 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/stackConnectors/1.0.0/stackConnectors.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
069f27eb12200ee40a2fd4e8e3dbb756e0d6ef4c57b7dc44606d52e8c5878365
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293412
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 05 Jun 2024 15:49:10 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d79e02c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
transform.plugin.js
eqlplayground.io/70281/bundles/plugin/transform/1.0.0/
18 KB
6 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/transform/1.0.0/transform.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cb8e1c71e4b1b8a5108403b9867d9a5917b29b3920683c1101b42d29ebf7643
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:20 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d79e22c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
triggersActionsUi.plugin.js
eqlplayground.io/70281/bundles/plugin/triggersActionsUi/1.0.0/
106 KB
29 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/triggersActionsUi/1.0.0/triggersActionsUi.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fcc2d97c21f4e54e221f3a1604a35e1c6b0fbdef692ec914654580fe5309600
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293412
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:39 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d79e52c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
actions.plugin.js
eqlplayground.io/70281/bundles/plugin/actions/1.0.0/
17 KB
6 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/actions/1.0.0/actions.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
940bb37199a5fa5a5026ba3686f94b0d53ec35a147e68a4fe9b429553b83d3f3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 27 Oct 2024 17:13:18 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d79e72c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
expressionXY.plugin.js
eqlplayground.io/70281/bundles/plugin/expressionXY/1.0.0/
39 KB
10 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/expressionXY/1.0.0/expressionXY.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
500db311d467fddd913d1883f0e6e5fa20a3828d3d5f09cc0418f6fb15cde32d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 14 Aug 2024 22:07:02 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d79e82c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
eventAnnotation.plugin.js
eqlplayground.io/70281/bundles/plugin/eventAnnotation/1.0.0/
20 KB
6 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/eventAnnotation/1.0.0/eventAnnotation.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2454d8c864cbb414edd88d650d02ebcd71fc8acb61e6239bc100a20bbb8f335
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 22 Apr 2024 02:10:29 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d79e92c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
visTypeGauge.plugin.js
eqlplayground.io/70281/bundles/plugin/visTypeGauge/1.0.0/
11 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/visTypeGauge/1.0.0/visTypeGauge.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2ff2ab77264422bbe0fd131f1e3ae269a946f5784d0f913e91afbb63de6f5fd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293411
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 24 Oct 2024 06:57:14 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d79ea2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3587
server
cloudflare
visDefaultEditor.plugin.js
eqlplayground.io/70281/bundles/plugin/visDefaultEditor/1.0.0/
21 KB
7 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/visDefaultEditor/1.0.0/visDefaultEditor.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aad6793500a3c3adca39531caabb56ac6e6eb42d18aff90a96d6630b78e921d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 10 Oct 2024 06:36:09 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d79eb2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
savedSearch.plugin.js
eqlplayground.io/70281/bundles/plugin/savedSearch/1.0.0/
11 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/savedSearch/1.0.0/savedSearch.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80085448e17ab1d995a3e34c11019b5a41d0e02461905601b13c58e82eb07262
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293411
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:39 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d79ec2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3882
server
cloudflare
expressionGauge.plugin.js
eqlplayground.io/70281/bundles/plugin/expressionGauge/1.0.0/
15 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/expressionGauge/1.0.0/expressionGauge.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17d81931a899aa04437377498c075fec7d74d919671aed4a82201b91489dc362
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 04 Jul 2024 00:53:02 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d79ed2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
expressionHeatmap.plugin.js
eqlplayground.io/70281/bundles/plugin/expressionHeatmap/1.0.0/
15 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/expressionHeatmap/1.0.0/expressionHeatmap.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70f986086d9886d1bb75a80025942d9f333768c56e5ddc42c66b0076edea1eb3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293411
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:39 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d79ef2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
expressionLegacyMetricVis.plugin.js
eqlplayground.io/70281/bundles/plugin/expressionLegacyMetricVis/1.0.0/
10 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/expressionLegacyMetricVis/1.0.0/expressionLegacyMetricVis.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b32f98bd44520a3627f05e1831b6b3fd44256e82e4bda39a157606cceed0837b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293411
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 22 Jun 2024 14:44:54 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d79f02c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3423
server
cloudflare
expressionMetricVis.plugin.js
eqlplayground.io/70281/bundles/plugin/expressionMetricVis/1.0.0/
14 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/expressionMetricVis/1.0.0/expressionMetricVis.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e15c57e890513dd05f9ca04e955fa3d987d9b665b40720bcf5a2f31d6ad1ecf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293411
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:39 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d79f22c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
visTypePie.plugin.js
eqlplayground.io/70281/bundles/plugin/visTypePie/1.0.0/
8 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/visTypePie/1.0.0/visTypePie.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38aa9aca4ac8a30eb0075976172886b5b3b9f201c92342f1eb379843d235ba96
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293411
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 31 Oct 2024 13:55:06 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d79f32c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3052
server
cloudflare
expressionPartitionVis.plugin.js
eqlplayground.io/70281/bundles/plugin/expressionPartitionVis/1.0.0/
27 KB
6 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/expressionPartitionVis/1.0.0/expressionPartitionVis.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38651c13385250d6c1352bb28edefd24d467a40f02905bd95db8b72ec7c45a2b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293411
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:39 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d79f42c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
expressionTagcloud.plugin.js
eqlplayground.io/70281/bundles/plugin/expressionTagcloud/1.0.0/
11 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/expressionTagcloud/1.0.0/expressionTagcloud.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c33d85a72c9bed3fc02bbafef9569d1167fdd969969cf629c1fb71bb24fda02
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 22 Apr 2024 07:05:28 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d79f52c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3685
server
cloudflare
inputControlVis.plugin.js
eqlplayground.io/70281/bundles/plugin/inputControlVis/1.0.0/
6 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/inputControlVis/1.0.0/inputControlVis.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1da60d63b16007b2a4689066133c609a26d3ead7adfb9f111345a3bdbeb9192a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293411
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:20 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d79f72c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2254
server
cloudflare
visTypeHeatmap.plugin.js
eqlplayground.io/70281/bundles/plugin/visTypeHeatmap/1.0.0/
11 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/visTypeHeatmap/1.0.0/visTypeHeatmap.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c08035866cc37ecbc2fc03b0be54468aa734cb84d04dea2f616baefece6b2f20
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 03 Jul 2024 19:47:41 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d79f92c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3712
server
cloudflare
visTypeMarkdown.plugin.js
eqlplayground.io/70281/bundles/plugin/visTypeMarkdown/1.0.0/
7 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/visTypeMarkdown/1.0.0/visTypeMarkdown.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e11dd15566b2c3e18d745873914a75180ce12b13dcf93a6b7d894fa4277978
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:21 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23d89fa2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2736
server
cloudflare
expressions.plugin.js
eqlplayground.io/70281/bundles/plugin/expressions/1.0.0/
98 KB
28 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/expressions/1.0.0/expressions.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29795051c38e00795050b82316ade8a80cb2309f2a86994755c20c414316f012
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293411
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 26 Mar 2024 08:02:40 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e3a4e2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
visTypeMetric.plugin.js
eqlplayground.io/70281/bundles/plugin/visTypeMetric/1.0.0/
10 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/visTypeMetric/1.0.0/visTypeMetric.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37dc8759be28f9650cda759631d65a60f98e04511c1eebb10dafe9e230dc778b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293411
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:40 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e4a512c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3534
server
cloudflare
visTypeTable.plugin.js
eqlplayground.io/70281/bundles/plugin/visTypeTable/1.0.0/
17 KB
6 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/visTypeTable/1.0.0/visTypeTable.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59ccc02588a571c2ac1e2ba6fa0c550a25a80b60bc8d21437c36337aeefab128
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293411
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 15 Jul 2024 12:07:36 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e4a532c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
share.plugin.js
eqlplayground.io/70281/bundles/plugin/share/1.0.0/
52 KB
17 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/share/1.0.0/share.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b37da99d21a4a282dbbd819fe6a39b30d822632d2558447efbc90db54d5c3f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293411
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:40 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e5a592c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
visTypeTagcloud.plugin.js
eqlplayground.io/70281/bundles/plugin/visTypeTagcloud/1.0.0/
7 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/visTypeTagcloud/1.0.0/visTypeTagcloud.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dfacf9a586791bbb9e55542eb16164090980904b3d74d52bc925ae8882a0e70
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:21 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e5a5a2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2460
server
cloudflare
visTypeTimelion.plugin.js
eqlplayground.io/70281/bundles/plugin/visTypeTimelion/1.0.0/
11 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/visTypeTimelion/1.0.0/visTypeTimelion.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a4c90aee175ecf05932d67314b5edbfaf7e94b74aac6cff7987f5d36f20fd6f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293411
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 31 Oct 2024 12:21:40 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e5a5d2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3981
server
cloudflare
visTypeTimeseries.plugin.js
eqlplayground.io/70281/bundles/plugin/visTypeTimeseries/1.0.0/
19 KB
7 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/visTypeTimeseries/1.0.0/visTypeTimeseries.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88d1736b57562dc008aa8bfcf33c4a365b2995f36014a10af6f12dd73958ef74
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 07 Nov 2024 01:33:22 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e5a602c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
visTypeVega.plugin.js
eqlplayground.io/70281/bundles/plugin/visTypeVega/1.0.0/
34 KB
13 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/visTypeVega/1.0.0/visTypeVega.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a6304c2fb6c642c42352fbbae983e89a5fe089570bfba686209a41be89235e8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293411
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 30 Oct 2024 14:58:38 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e6a6a2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
visTypeVislib.plugin.js
eqlplayground.io/70281/bundles/plugin/visTypeVislib/1.0.0/
13 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/visTypeVislib/1.0.0/visTypeVislib.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b8a8629c5ec43d242b6757086f04525e7d9675e67379bdcc621c0a81f19651c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293411
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 14 Mar 2024 18:27:10 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e6a6b2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
visTypeXy.plugin.js
eqlplayground.io/70281/bundles/plugin/visTypeXy/1.0.0/
28 KB
8 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/visTypeXy/1.0.0/visTypeXy.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50761d87ef0dab9c2374ac2e2e0d80b9dbf67904320b02c3a3e697523411dfd3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293411
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:21 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e6a6d2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
watcher.plugin.js
eqlplayground.io/70281/bundles/plugin/watcher/1.0.0/
14 KB
6 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/watcher/1.0.0/watcher.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88cc35d98d30be291054c55d6cf37d19ec22a80cfda2595a6cb37b02f567aee7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293411
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 03 Jun 2024 05:04:46 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e7a732c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
dataViewManagement.plugin.js
eqlplayground.io/70281/bundles/plugin/dataViewManagement/1.0.0/
5 KB
2 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/dataViewManagement/1.0.0/dataViewManagement.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8c905d68d49b8e30cc969f944ac3be118370286bfa1f01d2faab7bd2a0732c6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 16 Apr 2024 01:56:41 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e7a762c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1749
server
cloudflare
kibanaOverview.plugin.js
eqlplayground.io/70281/bundles/plugin/kibanaOverview/1.0.0/
15 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/kibanaOverview/1.0.0/kibanaOverview.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bde784780a91d33f82b2a426586f79269844d8dd5dd09c0ac87060e785bf7d96
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293411
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:21 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e7a792c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
newsfeed.plugin.js
eqlplayground.io/70281/bundles/plugin/newsfeed/1.0.0/
11 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/newsfeed/1.0.0/newsfeed.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e5bd66e5a6084ea586c377e9612394ae85d9406d17d335f24eb7988ad366a11
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293411
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:20 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e7a7a2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
4079
server
cloudflare
dataViewEditor.plugin.js
eqlplayground.io/70281/bundles/plugin/dataViewEditor/1.0.0/
13 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/dataViewEditor/1.0.0/dataViewEditor.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b5d5f6b29f871f22382998bd4f7bdac1b97d9e639cb43b07e955152151eef15
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293410
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 22 Oct 2024 11:19:59 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e7a7b2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
dataViewFieldEditor.plugin.js
eqlplayground.io/70281/bundles/plugin/dataViewFieldEditor/1.0.0/
25 KB
8 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/dataViewFieldEditor/1.0.0/dataViewFieldEditor.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dbe1b4d053d25d65326547b2a49dbd6d7d4da4f2b172a9f01afd5d4379e0a1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293410
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 31 Oct 2024 13:55:10 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e7a7d2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
ingestPipelines.plugin.js
eqlplayground.io/70281/bundles/plugin/ingestPipelines/1.0.0/
14 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/ingestPipelines/1.0.0/ingestPipelines.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1bb89110f2207b930b53b744982bda0a4fbbbe1f19c5e67023687bd4a2aac69
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:21 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e7a7f2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
fileUpload.plugin.js
eqlplayground.io/70281/bundles/plugin/fileUpload/1.0.0/
7 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/fileUpload/1.0.0/fileUpload.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74d4e00a5bb0f1edf10a580548630880d5855e703b3b8d6fc1fce7030f887491
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 29 Aug 2024 11:37:32 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e7a802c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2656
server
cloudflare
expressionError.plugin.js
eqlplayground.io/70281/bundles/plugin/expressionError/1.0.0/
5 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/expressionError/1.0.0/expressionError.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5384b8766c02adeec0ee2f2a58b87ee84a3168f4ddaffdf0f1c49d947028627f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293410
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 29 Aug 2024 11:37:32 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e7a812c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1937
server
cloudflare
expressionImage.plugin.js
eqlplayground.io/70281/bundles/plugin/expressionImage/1.0.0/
4 KB
2 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/expressionImage/1.0.0/expressionImage.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2f5a359d980e90609de9d7de50e9b5745f7b1bbb8cc0bb3557061ac9569a9d0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293410
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 21 Aug 2024 11:12:13 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e7a832c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1770
server
cloudflare
expressionMetric.plugin.js
eqlplayground.io/70281/bundles/plugin/expressionMetric/1.0.0/
6 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/expressionMetric/1.0.0/expressionMetric.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a86265502c8fbf7ccf080671b5f533f1118e2767abe36781268ad930f0da628
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293410
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 Nov 2024 12:16:37 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e8a8b2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2214
server
cloudflare
expressionRepeatImage.plugin.js
eqlplayground.io/70281/bundles/plugin/expressionRepeatImage/1.0.0/
6 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/expressionRepeatImage/1.0.0/expressionRepeatImage.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a3cc73f3af02007ccf51ffc5c8c70ce38592d45dc77f99ff116436b3922fa2c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293410
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 Nov 2024 12:16:37 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e8a8d2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2404
server
cloudflare
expressionRevealImage.plugin.js
eqlplayground.io/70281/bundles/plugin/expressionRevealImage/1.0.0/
6 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/expressionRevealImage/1.0.0/expressionRevealImage.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbe9ff150e0718f8f2185df9b6894b3a93b071ddf857397c79b427131faf8b59
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293410
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 Nov 2024 12:16:37 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e8a902c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2429
server
cloudflare
expressionShape.plugin.js
eqlplayground.io/70281/bundles/plugin/expressionShape/1.0.0/
21 KB
7 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/expressionShape/1.0.0/expressionShape.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11d6df0718dd8690641d8397f24a90a23a180071839525e19c33697d05f9f2c1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293410
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:40 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e8a922c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
urlDrilldown.plugin.js
eqlplayground.io/70281/bundles/plugin/urlDrilldown/1.0.0/
15 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/urlDrilldown/1.0.0/urlDrilldown.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d03a924ced5ad18c7301cf92ae384c77271d39fdb12c48f246072d292f429e65
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 29 Aug 2024 11:37:32 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e8a932c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
uiActionsEnhanced.plugin.js
eqlplayground.io/70281/bundles/plugin/uiActionsEnhanced/1.0.0/
17 KB
6 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/uiActionsEnhanced/1.0.0/uiActionsEnhanced.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9500f4d8d7c71a15b3b389dd6b9b9f017ef64f3effd808a7a3993eb6dd310bb9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293410
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 04 Jul 2024 00:53:04 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e8a952c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
graph.plugin.js
eqlplayground.io/70281/bundles/plugin/graph/1.0.0/
8 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/graph/1.0.0/graph.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e376fb2a568f05faa84f6f7b19f4e0e0e3b36a3a34c7fbf1acdd98175e6347b9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293410
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 14 Aug 2024 22:07:05 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e9a982c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2810
server
cloudflare
navigation.plugin.js
eqlplayground.io/70281/bundles/plugin/navigation/1.0.0/
12 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/navigation/1.0.0/navigation.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8749fc85dc754cd0c3fcc1ea6ead019af02d10936f53c8f9e9f84f276a0daeba
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 15 Aug 2024 22:48:04 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e9a9a2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
globalSearchBar.plugin.js
eqlplayground.io/70281/bundles/plugin/globalSearchBar/1.0.0/
26 KB
9 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/globalSearchBar/1.0.0/globalSearchBar.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ad7786312e9785fc4e709d6514c000dccb865d5eb8c0eed906ed8bdf29b613e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:26 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e9a9e2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
savedObjectsTagging.plugin.js
eqlplayground.io/70281/bundles/plugin/savedObjectsTagging/1.0.0/
20 KB
7 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/savedObjectsTagging/1.0.0/savedObjectsTagging.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5debf03f5363c73b4763d054e26c509c91416dddca90977b55120f3f9c568f86
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:26 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e9a9f2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
savedObjectsTaggingOss.plugin.js
eqlplayground.io/70281/bundles/plugin/savedObjectsTaggingOss/1.0.0/
2 KB
2 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/savedObjectsTaggingOss/1.0.0/savedObjectsTaggingOss.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c7d1bee66331b5d1abc2839c0cc5df067bfef371b0fdccdbe69033620f976b4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 22 Oct 2024 17:52:23 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e9aa22c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1140
server
cloudflare
bfetch.plugin.js
eqlplayground.io/70281/bundles/plugin/bfetch/1.0.0/
7 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/bfetch/1.0.0/bfetch.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1b277f61b52dd20252f9adc5a2164b7f4a4b8bf71d4572133582e74bdbb41f2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293410
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 31 Oct 2024 13:55:11 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23e9aa42c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2897
server
cloudflare
console.plugin.js
eqlplayground.io/70281/bundles/plugin/console/1.0.0/
29 KB
10 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/console/1.0.0/console.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55caf6e401dc8715b67ad4be405fa2eb83347919f221d79eb970cd76f192074
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293410
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 31 Oct 2024 13:55:11 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23eaaab2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
grokdebugger.plugin.js
eqlplayground.io/70281/bundles/plugin/grokdebugger/1.0.0/
4 KB
2 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/grokdebugger/1.0.0/grokdebugger.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f54ab22b538b162a7d903921163ce4beadd370ae906506954551a8737e533a8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:26 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23eaaae2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1877
server
cloudflare
aiAssistantManagementSelection.plugin.js
eqlplayground.io/70281/bundles/plugin/aiAssistantManagementSelection/1.0.0/
4 KB
2 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/aiAssistantManagementSelection/1.0.0/aiAssistantManagementSelection.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b814b4a758bfb9de763e3cfd7e46413da3abe35ae64509a3b6ead4dcb311961b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293410
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:21 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23eaaaf2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1612
server
cloudflare
cloudDataMigration.plugin.js
eqlplayground.io/70281/bundles/plugin/cloudDataMigration/1.0.0/
4 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/cloudDataMigration/1.0.0/cloudDataMigration.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc547acf9bc0f52b495bfb3b6e4f2c901b9211d61e02ff2e419761359d885d35
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:21 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23eaab02c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1942
server
cloudflare
cloudChat.plugin.js
eqlplayground.io/70281/bundles/plugin/cloudChat/1.0.0/
13 KB
6 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/cloudChat/1.0.0/cloudChat.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06b39d644a42573eb098987e5416a8bc3b94645922c397b365ead86e6626c720
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 05 Jun 2024 15:49:13 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23eaab12c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
cloudFullStory.plugin.js
eqlplayground.io/70281/bundles/plugin/cloudFullStory/1.0.0/
4 KB
2 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/cloudFullStory/1.0.0/cloudFullStory.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aceafb15cd676cec1f95bb46e7e1dfe77be8004fb48e044223f590cc35b0452
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293410
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 02 Jun 2024 13:24:54 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23eaab22c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1794
server
cloudflare
cloudLinks.plugin.js
eqlplayground.io/70281/bundles/plugin/cloudLinks/1.0.0/
16 KB
6 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/cloudLinks/1.0.0/cloudLinks.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4307ec127b5fa220474c070f257a557597b8c0003f0c2a2227c35c53944f80c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 15 Jul 2024 11:23:13 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23eaab62c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
filesManagement.plugin.js
eqlplayground.io/70281/bundles/plugin/filesManagement/1.0.0/
4 KB
2 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/filesManagement/1.0.0/filesManagement.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddf38a991bf7f3bb88890d6a17a28020ed24ec3b8308c89c549e7c2fca632f83
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293410
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 16 Apr 2024 01:56:42 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23eaab72c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1504
server
cloudflare
files.plugin.js
eqlplayground.io/70281/bundles/plugin/files/1.0.0/
11 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/files/1.0.0/files.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6e155e29b9032e43cf80e62882e1da89a48090a6cd472352193695795621856
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293410
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 11:48:01 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23eaab82c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3926
server
cloudflare
snapshotRestore.plugin.js
eqlplayground.io/70281/bundles/plugin/snapshotRestore/1.0.0/
27 KB
8 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/snapshotRestore/1.0.0/snapshotRestore.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac87e2701b5d92e7b37e245a67ef7ee2e738d940f3e0b08c006c3f0a2bed9f01
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:21 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23ebacc2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
telemetry.plugin.js
eqlplayground.io/70281/bundles/plugin/telemetry/1.0.0/
20 KB
7 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/telemetry/1.0.0/telemetry.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dc3ec784c24ae2b244aa16bc3805fd02fd273a32250ce52a60993898e555470
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293410
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 05 Jun 2024 21:12:58 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23ebace2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
security.plugin.js
eqlplayground.io/70281/bundles/plugin/security/1.0.0/
70 KB
21 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/security/1.0.0/security.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29418c75d0fd26395445bc7700217b89375c165909bb8d8ab0b62645bd9107cd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:26 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23ebacf2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
management.plugin.js
eqlplayground.io/70281/bundles/plugin/management/1.0.0/
14 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/management/1.0.0/management.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37fecccb0eea1cb10ddb006259cc44e5fcde11f8ea844973d7ace75dd718b44c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 28 Aug 2024 20:26:05 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23ebad12c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
painlessLab.plugin.js
eqlplayground.io/70281/bundles/plugin/painlessLab/1.0.0/
10 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/painlessLab/1.0.0/painlessLab.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4698ce535a3e917356e3da55e413fdde9355c0979817b70f97b76bb6003a9a9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 04 Oct 2024 17:16:34 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23ebad32c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
4027
server
cloudflare
searchprofiler.plugin.js
eqlplayground.io/70281/bundles/plugin/searchprofiler/1.0.0/
19 KB
6 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/searchprofiler/1.0.0/searchprofiler.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1252f73c4959ec1f853fcfcaa6f9167d12b0ac35fe84c99f340fbc0a7be882fe
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:40 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23ebad42c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
home.plugin.js
eqlplayground.io/70281/bundles/plugin/home/1.0.0/
12 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/home/1.0.0/home.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e8793777a88b313f9bb9fd36490f6fcc0ecfd65a36dc2f30b86efafdb1ec46f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 14 Mar 2024 18:27:10 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23ecad82c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
cloudExperiments.plugin.js
eqlplayground.io/70281/bundles/plugin/cloudExperiments/1.0.0/
7 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/cloudExperiments/1.0.0/cloudExperiments.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf027a24f5ed0449b8ccd1082edfca63e1ccbc0fe87f2b990d0f1beb7db2ad74
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293409
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 24 Oct 2024 06:57:15 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23ecadb2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2745
server
cloudflare
contentManagement.plugin.js
eqlplayground.io/70281/bundles/plugin/contentManagement/1.0.0/
8 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/contentManagement/1.0.0/contentManagement.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78e434740b036858f04959f69c5faece56a6efa417391ecd0d55cf42d579ab0c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 16 Apr 2024 01:56:42 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23edae42c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2372
server
cloudflare
customIntegrations.plugin.js
eqlplayground.io/70281/bundles/plugin/customIntegrations/1.0.0/
10 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/customIntegrations/1.0.0/customIntegrations.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed503bac7f58c42b921d874780a476e1c7d32be64cc3fa6cbef2f2bb27741f27
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293409
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:21 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23edae62c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3340
server
cloudflare
screenshotting.plugin.js
eqlplayground.io/70281/bundles/plugin/screenshotting/1.0.0/
7 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/screenshotting/1.0.0/screenshotting.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d1385361cb23c487c2bd43b923ebc13a78a8542c1dab63d48d387bc2b82baa2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293409
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:21 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23edae72c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3086
server
cloudflare
banners.plugin.js
eqlplayground.io/70281/bundles/plugin/banners/1.0.0/
7 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/banners/1.0.0/banners.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e827369c2afd7c44ba11855450f2c4d845505e20b74e0399b5c50fa1250bbfab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:21 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23efaf72c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2833
server
cloudflare
guidedOnboarding.plugin.js
eqlplayground.io/70281/bundles/plugin/guidedOnboarding/1.0.0/
28 KB
9 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/guidedOnboarding/1.0.0/guidedOnboarding.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
416679cd6f5773023ab7993fb88a2ceee7befa96f1c755504b06d5b9740d6658
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293409
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:40 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23efaf92c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
features.plugin.js
eqlplayground.io/70281/bundles/plugin/features/1.0.0/
4 KB
2 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/features/1.0.0/features.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47854c45a5535d91a8adbf062eaf7a928001d632b1497130b6b5d19521946fb0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:21 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23efafc2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1255
server
cloudflare
globalSearchProviders.plugin.js
eqlplayground.io/70281/bundles/plugin/globalSearchProviders/1.0.0/
5 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/globalSearchProviders/1.0.0/globalSearchProviders.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
696992d0e82983a8460d7366438ba0fdc1aac4960a58e61bdb362075f0d233e8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293409
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 31 Oct 2024 12:21:40 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23efafd2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2091
server
cloudflare
globalSearch.plugin.js
eqlplayground.io/70281/bundles/plugin/globalSearch/1.0.0/
6 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/globalSearch/1.0.0/globalSearch.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5599d1ee0dead5a175aab5adf068686b83edaa11ab576c9d0cce1fb6566294e3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 22 Jun 2024 12:07:16 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23efafe2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2420
server
cloudflare
mapsEms.plugin.js
eqlplayground.io/70281/bundles/plugin/mapsEms/1.0.0/
6 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/mapsEms/1.0.0/mapsEms.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09364fa878536ed63520279e11ed171321011ebb8dab10909951fdb5597f2b34
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 11:48:01 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23efaff2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2217
server
cloudflare
licensing.plugin.js
eqlplayground.io/70281/bundles/plugin/licensing/1.0.0/
9 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/licensing/1.0.0/licensing.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aaf3bdfb7b01ea8994710ab129281e353acf97379ae45a887715a7fa1b45950
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293409
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 05 Jun 2024 21:12:58 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23f1b132c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3275
server
cloudflare
noDataPage.plugin.js
eqlplayground.io/70281/bundles/plugin/noDataPage/1.0.0/
1 KB
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/noDataPage/1.0.0/noDataPage.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca9152eddde055ee8bfc430cd1d1f3c4e55882bd84e6d2c90d537af7602a74fb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:40 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23f1b142c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
643
server
cloudflare
cloud.plugin.js
eqlplayground.io/70281/bundles/plugin/cloud/1.0.0/
6 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/cloud/1.0.0/cloud.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d1ff79e4137c00c98a09295229c3e89d9c55e7b27481473ee0191a1c149dbc4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:27 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23f1b162c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2270
server
cloudflare
kibanaUsageCollection.plugin.js
eqlplayground.io/70281/bundles/plugin/kibanaUsageCollection/1.0.0/
1 KB
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/kibanaUsageCollection/1.0.0/kibanaUsageCollection.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b21865abf458193485f12d2913c802c4280fbc519d2dcffedb371826c80a49d8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293409
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:21 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23f1b182c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
695
server
cloudflare
screenshotMode.plugin.js
eqlplayground.io/70281/bundles/plugin/screenshotMode/1.0.0/
2 KB
2 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/screenshotMode/1.0.0/screenshotMode.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb9551e8bb250d36cedb0acb595a39d77f4878d2f902368c21af5d08a990c47c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:40 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23f3b202c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
914
server
cloudflare
unifiedHistogram.plugin.js
eqlplayground.io/70281/bundles/plugin/unifiedHistogram/1.0.0/
6 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/unifiedHistogram/1.0.0/unifiedHistogram.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f38a26152582de97537ac032529942f798206f326689e95c0b741066cabdcc22
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:26 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23f3b212c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2126
server
cloudflare
devTools.plugin.js
eqlplayground.io/70281/bundles/plugin/devTools/1.0.0/
11 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/devTools/1.0.0/devTools.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f921c8889733be266394c73acb043b198a44484bfb00f81dd441e1129856180
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:40 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23f3b232c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
urlForwarding.plugin.js
eqlplayground.io/70281/bundles/plugin/urlForwarding/1.0.0/
5 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/urlForwarding/1.0.0/urlForwarding.plugin.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/s/eqldemo/bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
deef2130fceed4eaa8c822ff2e0b8606786414c9ce8c80f12b92a59dc476f547
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293409
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:40 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23f3b242c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2154
server
cloudflare
favicon.svg
eqlplayground.io/ui/favicons/
1008 B
1 KB
Other
General
Full URL
https://eqlplayground.io/ui/favicons/favicon.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160f4ef3788e8b599e30ccc74b4b74f3a5a70a28fa68b6df0b582f741a7025bb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"c2ae8872d6be83d97704438ba39271e9af1a65d0"
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 02:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
image/svg+xml
last-modified
Mon, 19 Feb 2024 12:18:35 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=14400
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23f3b1e2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
favicon.png
eqlplayground.io/ui/favicons/
5 KB
6 KB
Other
General
Full URL
https://eqlplayground.io/ui/favicons/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0de77a615e625ecf85833383837bba949d2847468697f8dcd2a78190cc5d0af
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

cf-cache-status
REVALIDATED
etag
"c6e634ff7e673515f2288ed37a4ea053751a104e"
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 02:28:52 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:52 GMT
content-type
image/png
last-modified
Mon, 19 Feb 2024 12:18:35 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=14400
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2411c3c2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
5234
server
cloudflare
core.chunk.2.js
eqlplayground.io/70281/bundles/core/
86 KB
27 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.entry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4b156d96adfa128c8c09e03c2e5d188366dc31111c4d8350090921b23de4cc2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293409
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:52 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:52 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:41 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2444dda2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
en.json
eqlplayground.io/s/eqldemo/translations/
29 B
676 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/translations/en.json
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-src/kbn-ui-shared-deps-src.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18cda523c38f2f0839f264e9cb6449c40f9e09f920105df3fe105c30a4cc5be5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

cf-cache-status
DYNAMIC
etag
"37992637719f97813c3068cfbf877b2d3bb43b97"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:52 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2444ddc2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
29
server
cloudflare
visualizations.chunk.4.js
eqlplayground.io/70281/bundles/plugin/visualizations/1.0.0/
45 KB
15 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/visualizations/1.0.0/visualizations.chunk.4.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/visualizations/1.0.0/visualizations.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c15232582eb44953c7ff0fc3455123ac4aaf0aaf81b4e0628a497397bad967e5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:52 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:52 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 15 Aug 2024 23:14:34 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2466efe2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
charts.chunk.1.js
eqlplayground.io/70281/bundles/plugin/charts/1.0.0/
5 KB
2 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/charts/1.0.0/charts.chunk.1.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/charts/1.0.0/charts.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
746b85555b158d420546175fbf19d11f0699d7bac37123bfc0cfcc25ba0c4e0d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:52 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:52 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:41 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2468f1b2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1882
server
cloudflare
aiops.chunk.0.js
eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/
30 KB
11 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/aiops.chunk.0.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/aiops.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddfa078eb50585bb321c8ccdc44dff77cc1e20dbb73afd0f31dfd1154f659308
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:52 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:52 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:41 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c246ef682c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
aiops.chunk.4.js
eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/
19 KB
7 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/aiops.chunk.4.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/aiops.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec909461fe6a0b50f4b73e0b2bd5503c820452d9e14d1e7ac980ad5cf75ec243
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:52 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:52 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 14 Mar 2024 18:27:12 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c246ef692c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
aiops.chunk.17.js
eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/
6 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/aiops.chunk.17.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/aiops.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a406fa4637f0180006b1d2c52d00e02984d2a017dfc4a2a0834c0495143a77c5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:22 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c246ef6a2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2491
server
cloudflare
aiops.chunk.1.js
eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/
5 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/aiops.chunk.1.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/aiops.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71e8c29a841cca108851b79eaa570b18c4f0b7e283347aa368179f75946a66e7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293409
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:52 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:52 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:41 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c246ef6b2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2016
server
cloudflare
aiops.chunk.2.js
eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/
146 KB
49 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/aiops.chunk.2.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/aiops.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6d7de62b9a4b19b696ba5802fede9609b73954a20857a72520c200d63584da6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293409
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:52 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:52 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 25 Oct 2024 03:26:38 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c246ef6c2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
aiops.chunk.5.js
eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/
42 KB
13 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/aiops.chunk.5.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/aiops.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb1de40fb556edfdfbfe90a8fbf1ee96e76d29a2f544f759a4b050cb8afc221d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293409
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:52 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:52 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:41 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c246ef6d2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
aiops.chunk.18.js
eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/
1 KB
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/aiops.chunk.18.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/aiops.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f25daf572249c5cf3bc17889ee5e72c5c2b02f4fad81fe306ba58fbbe5879caf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293409
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:52 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:52 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 17 Oct 2024 15:39:08 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c246ef6f2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
754
server
cloudflare
aiops.chunk.15.js
eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/
1 KB
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/aiops.chunk.15.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/aiops/1.0.0/aiops.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e1b31922514c516136f8c0b5d5ed5ac36f8546639cdc369401008591e12954
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293409
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:52 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:52 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 31 Oct 2024 12:21:41 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c246ef702c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
616
server
cloudflare
apm.chunk.0.js
eqlplayground.io/70281/bundles/plugin/apm/1.0.0/
47 KB
15 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/apm/1.0.0/apm.chunk.0.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/apm/1.0.0/apm.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baf22d9086aa494fdf542569027723980a8f9d68540196472df15526b60c7cfc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:29 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2479fc42c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
apm.chunk.1.js
eqlplayground.io/70281/bundles/plugin/apm/1.0.0/
150 KB
53 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/apm/1.0.0/apm.chunk.1.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/apm/1.0.0/apm.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a56eec5bf15377851d596a04ab4eb37bf7214f570a2fd2acfd5d6235be580ac1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293410
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 17 Oct 2024 12:02:18 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2479fc62c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
apm.chunk.2.js
eqlplayground.io/70281/bundles/plugin/apm/1.0.0/
29 KB
8 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/apm/1.0.0/apm.chunk.2.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/apm/1.0.0/apm.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ded2188dc7b70d8e9bfba42c2c87a8f2abe69988abb016d3b91f0851a14def47
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 12 Jul 2024 06:30:19 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2479fc92c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
apm.chunk.3.js
eqlplayground.io/70281/bundles/plugin/apm/1.0.0/
108 KB
34 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/apm/1.0.0/apm.chunk.3.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/apm/1.0.0/apm.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fe174e0461d61227d3e814f2025d00251704328f13d2a36939484c0251901a3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 17 Oct 2024 15:39:08 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2479fcc2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
apm.chunk.4.js
eqlplayground.io/70281/bundles/plugin/apm/1.0.0/
72 KB
24 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/apm/1.0.0/apm.chunk.4.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/apm/1.0.0/apm.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c8bbde79ffeee8550260b8a7eb939299af41c9c8e710e3b06bb93d4a03bd81d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293409
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 15 Jul 2024 12:07:38 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2479fcd2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
apm.chunk.5.js
eqlplayground.io/70281/bundles/plugin/apm/1.0.0/
2 MB
650 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/apm/1.0.0/apm.chunk.5.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/apm/1.0.0/apm.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ca2e94310f61fa5ae150b24bd9900e8a3fd729a0b898cc961a3dd7dc7d54a1c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:30 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2479fce2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
apm.chunk.26.js
eqlplayground.io/70281/bundles/plugin/apm/1.0.0/
2 KB
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/apm/1.0.0/apm.chunk.26.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/apm/1.0.0/apm.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f74c5efbfd24ae9a0bd2c242af1b7cd0a4da7f60e319a36555fe05ce2cf03ca
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293409
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 04 Jul 2024 00:54:11 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2479fcf2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
786
server
cloudflare
me
eqlplayground.io/s/eqldemo/internal/security/
356 B
832 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/security/me
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb5a2ee5b8d43f1fc05c4c027af96d0a9c71354376612be2e05474c838a89ae6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
kbn-system-request
true
traceparent
00-8bf5f6750e7b7f9d469d538623354d10-f1cd04ceb0f05620-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2479fd02c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
capabilities
eqlplayground.io/s/eqldemo/api/core/
8 KB
3 KB
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/api/core/capabilities
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b6ef47a8490b08ad1b278e9bb909e7bbed6603b84136eea36739efde1765fe5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
traceparent
00-8bf5f6750e7b7f9d469d538623354d10-f1cd04ceb0f05620-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/json; charset=utf-8
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c247bfd82c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-length
1975
server
cloudflare
dashboard.chunk.0.js
eqlplayground.io/70281/bundles/plugin/dashboard/1.0.0/
30 KB
9 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/dashboard/1.0.0/dashboard.chunk.0.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/dashboard/1.0.0/dashboard.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f2a43dc08d7ad0348eb8d9ff873888e8065ff43cbd10fd48ad87703e3e40ddd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 30 Oct 2024 14:58:39 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c248b88f2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
observability.chunk.0.js
eqlplayground.io/70281/bundles/plugin/observability/1.0.0/
11 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.chunk.0.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680f50d0bc7d0b7c43116721f1565682c13713a22ecde98de6f7624f260931a5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293409
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 11:48:03 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c248b8982c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2906
server
cloudflare
observability.chunk.1.js
eqlplayground.io/70281/bundles/plugin/observability/1.0.0/
627 KB
98 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.chunk.1.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74f2b9f4c3caece4e4f5f67ccdcc2338b0930fc0ed75a2dd3be6b680d9b0a32a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 11:48:03 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c248b89a2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
observability.chunk.3.js
eqlplayground.io/70281/bundles/plugin/observability/1.0.0/
14 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.chunk.3.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b4c5638ad4c00cdfb28a1d0a9321a562d041f9f51f27b417af7f428c67257e8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293409
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 Nov 2024 12:16:39 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c248b89b2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
observability.chunk.5.js
eqlplayground.io/70281/bundles/plugin/observability/1.0.0/
15 KB
6 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.chunk.5.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f5e5afa0d028d154b7669cc713e35e285e2d820473a9fbb4ce7a09a425db533
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 14 Aug 2024 22:07:11 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c248b89c2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
observability.chunk.9.js
eqlplayground.io/70281/bundles/plugin/observability/1.0.0/
15 KB
6 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.chunk.9.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
211ce10b3f6d7e00a970d625dadd01888ad1cd9956a9faf9e7d6afe3f7077bbc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:30 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c248b89d2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
observability.chunk.10.js
eqlplayground.io/70281/bundles/plugin/observability/1.0.0/
9 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.chunk.10.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e083a11ef8e913bc07da1d6fbc12128c1e23482391710ebe256b4ba8cc3afd2c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293408
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 31 Oct 2024 12:21:41 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c248b89f2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2854
server
cloudflare
uptime.chunk.0.js
eqlplayground.io/70281/bundles/plugin/uptime/1.0.0/
11 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/uptime/1.0.0/uptime.chunk.0.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/uptime/1.0.0/uptime.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28c2a0296ac0bfed5722efdc746b4b832908f4ff3639084f8208df0c59e471b2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293408
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 14 Aug 2024 22:07:11 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c248b8a12c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2898
server
cloudflare
uptime.chunk.1.js
eqlplayground.io/70281/bundles/plugin/uptime/1.0.0/
43 KB
11 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/uptime/1.0.0/uptime.chunk.1.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/uptime/1.0.0/uptime.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5439a2a389ecb58b9ed08042971cdaaaa8a48bf0cc2afffa4aa9f271d1fa7438
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293408
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 Nov 2024 12:16:39 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c248b8a22c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
uptime.chunk.6.js
eqlplayground.io/70281/bundles/plugin/uptime/1.0.0/
1 KB
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/uptime/1.0.0/uptime.chunk.6.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/uptime/1.0.0/uptime.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d10f9a9e775d0412612b9edf89b4a688d69130a390319881cfb2b732cf3877fd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 03 Jul 2024 19:47:45 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c248b8a32c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
634
server
cloudflare
securitySolution.chunk.2.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
33 KB
8 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.chunk.2.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb09cba3a77ba65094f0fa19904296d0730d34e7397a7a00018657cc8affb4d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293408
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:24 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c248b8a42c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
securitySolution.chunk.19.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
44 KB
12 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.chunk.19.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b697c86c69bd64f59aa08566987a131e81767b996419e68a7cc567bbe9f10877
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:30 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c248b8a72c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
kbn-ui-shared-deps-npm.chunk.241.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
3 KB
2 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.241.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
755b4904310998127d56802834cc3f39936894462c5544a9a2d2119ca553481e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293408
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 11:48:03 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c248e8bf2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1323
server
cloudflare
kbn-ui-shared-deps-npm.chunk.479.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
737 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.479.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbe99b8b7bd4a74aade8d147670b7ddac6d40a01aa268ba1e5106f030ecf31af
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293408
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 17 Oct 2024 15:39:08 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24908c82c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
466
server
cloudflare
securitySolution.chunk.0.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
9 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.chunk.0.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6aaa952f390e701fdcf84c2c7e05d693aa13837988fd8abc764002c3632b78d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293408
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:42 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24908cb2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3096
server
cloudflare
securitySolution.chunk.1.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
105 KB
28 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.chunk.1.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b78af21180a4ad7f241a7e938abb3ec6ba5a64248a633dd3601329835736868
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 16 Apr 2024 01:56:45 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24908cd2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
securitySolution.chunk.5.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
15 KB
6 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.chunk.5.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b000bcb03a218d17601a73db52242ef0dc1ce5e3b26adcab830562dd88e4829
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 14 Mar 2024 18:27:13 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24908ce2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
securitySolution.chunk.9.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
739 KB
121 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.chunk.9.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08665faaae0320345cff8f9bd6d4ecc597189c0c3d72fa443ec067bc4d9ae0bb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293408
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 12:56:44 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24908d02c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
securitySolution.chunk.7.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
189 KB
53 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.chunk.7.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2f97efea0bc540f3c4b81af5e7b32fb940a39f13eee6e63d91a0792d8798f33
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 16 Aug 2024 13:59:12 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24908d22c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
securitySolution.chunk.3.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
55 KB
16 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.chunk.3.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e98df749f2d03031906660d5c181a4f0e42c4e1baf0b1cd2f3cbdeb90abd72c6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293408
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 16 Aug 2024 13:59:14 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24908d32c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
securitySolution.chunk.4.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
27 KB
7 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.chunk.4.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d1b8a6ebf79909ab5308c5bfdb0d783b5dfda8e1491c00c4b7d4296f9bf7563
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293408
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 25 Oct 2024 03:26:40 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24908d42c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
securitySolution.chunk.10.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
866 KB
209 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.chunk.10.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45b35ded54d6c585e87a9a3616e444798765c77164c793f81ac8328c5982e2dd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293408
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 21:58:08 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24908d52c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
securitySolution.chunk.24.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
2 MB
451 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.chunk.24.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4085b8e02d0ae5c03ce945fe3b5380dde312927eb9b407271ae78e45b4e2a30d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 11:48:03 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24908d62c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
kbn-ui-shared-deps-npm.chunk.185.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
1 KB
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.185.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f2afd2091b484caf8d7c5ab754f1a764a17d25ffaf1803c03b646c953d7c00
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 14 Mar 2024 18:27:13 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24928ea2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
724
server
cloudflare
kbn-ui-shared-deps-npm.chunk.293.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
558 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.293.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e1d10dc960c3a1a5df850fb0ca8177c63a9791b3e6fcd4bf81b0dd8f7804ad1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 22 Apr 2024 03:20:41 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24928eb2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
385
server
cloudflare
Inter-Medium.woff2
eqlplayground.io/ui/fonts/inter/
103 KB
104 KB
Font
General
Full URL
https://eqlplayground.io/ui/fonts/inter/Inter-Medium.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6be58eaba7a53c5f1e8ac57a8ae050078a6de66c792ec52d960f80218a21966a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://eqlplayground.io
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

cf-cache-status
REVALIDATED
etag
"85bd69c6604c42cd7cff42f69686ae9f5765b09c"
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 02:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
font/woff2
last-modified
Mon, 19 Feb 2024 12:18:38 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=14400
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c249890f2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
105616
server
cloudflare
Inter-Regular.woff2
eqlplayground.io/ui/fonts/inter/
97 KB
97 KB
Font
General
Full URL
https://eqlplayground.io/ui/fonts/inter/Inter-Regular.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bed72259a8e25611bfdcd02ae7534bab339f607cbce3b989614fb32a5fb95738
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://eqlplayground.io
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

cf-cache-status
REVALIDATED
etag
"d54ba8fa95573fa24442dab96795eaf8db66aa80"
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 02:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
font/woff2
last-modified
Mon, 19 Feb 2024 12:18:38 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=14400
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24989102c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
98844
server
cloudflare
kbn-ui-shared-deps-npm.chunk.347.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
845 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.347.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6f7bc278fd17217862546829f734609211771a4de5e081d8af0f4904a8e4c6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293407
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 24 Oct 2024 20:43:19 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24958f72c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
517
server
cloudflare
kbn-ui-shared-deps-npm.chunk.83.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
2 KB
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.83.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93da2e1c4f28a7ff9c709d238fc05dc92b6cc6760afaac6e132e96b16292fe9f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293407
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:42 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24968fa2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
802
server
cloudflare
spaces.chunk.4.js
eqlplayground.io/70281/bundles/plugin/spaces/1.0.0/
14 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/spaces/1.0.0/spaces.chunk.4.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/spaces/1.0.0/spaces.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b695731d3bc96b49f08b6bb0ac60d21c3160239c1d090760a2628423a421ef21
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:30 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24968fb2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
controls.chunk.7.js
eqlplayground.io/70281/bundles/plugin/controls/1.0.0/
10 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/controls/1.0.0/controls.chunk.7.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/controls/1.0.0/controls.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99f21391431190970ba8deb49f63790306acc0347afae3a4803e7368ce69d4b4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293407
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:42 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24978ff2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2246
server
cloudflare
register
eqlplayground.io/s/eqldemo/internal/licensing/feature_usage/
16 B
649 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/licensing/feature_usage/register
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
traceparent
00-fb48cb98392170d12bf954ce555cb94a-26071c8a7194ee4d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24979032c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-length
16
server
cloudflare
info
eqlplayground.io/s/eqldemo/api/licensing/
1 KB
1 KB
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/api/licensing/info
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b1625a470fc4bb7d2ab493f315235b08dee1e1a261a2d124f5823d4ff976f63
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
kbn-system-request
true
traceparent
00-fb48cb98392170d12bf954ce555cb94a-26071c8a7194ee4d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/json; charset=utf-8
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24979052c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-length
408
server
cloudflare
info
eqlplayground.io/s/eqldemo/api/banners/
117 B
728 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/api/banners/info
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74640ff3b9b8b0ee46b0cb52a645572a4b3893a4ec6d22d44c75c59345283472
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
traceparent
00-fb48cb98392170d12bf954ce555cb94a-26071c8a7194ee4d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24979062c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
session
eqlplayground.io/s/eqldemo/internal/security/
0
601 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/security/session
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
kbn-system-request
true
traceparent
00-fb48cb98392170d12bf954ce555cb94a-26071c8a7194ee4d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
cf-cache-status
DYNAMIC
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8df0c24979082c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
state
eqlplayground.io/s/eqldemo/internal/security/security_checkup/
22 B
656 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/security/security_checkup/state
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34213abb028e7f037598ddcd26e4722756565db7c8def55141e0fddb0cbc138a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
traceparent
00-fb48cb98392170d12bf954ce555cb94a-26071c8a7194ee4d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24979092c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
22
server
cloudflare
me
eqlplayground.io/s/eqldemo/internal/security/
356 B
832 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/security/me
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb5a2ee5b8d43f1fc05c4c027af96d0a9c71354376612be2e05474c838a89ae6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
kbn-system-request
true
traceparent
00-fb48cb98392170d12bf954ce555cb94a-26071c8a7194ee4d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c249790a2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
tags
eqlplayground.io/s/eqldemo/api/saved_objects_tagging/
334 B
811 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/api/saved_objects_tagging/tags
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c181f75be1dd99c36182e982893c29d81556198112c0db49e01acffad0007b1c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
kbn-system-request
true
traceparent
00-fb48cb98392170d12bf954ce555cb94a-26071c8a7194ee4d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c249790b2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
config
eqlplayground.io/s/eqldemo/internal/telemetry/
129 B
764 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/telemetry/config
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ef412b51afa0e4ef95f954b681812a86404a1d6547930940bc7df73f85091b0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
elastic-api-version
2
traceparent
00-fb48cb98392170d12bf954ce555cb94a-26071c8a7194ee4d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
elastic-api-version
2
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c249890d2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
RobotoMono-Bold.ttf
eqlplayground.io/ui/fonts/roboto_mono/
112 KB
66 KB
Font
General
Full URL
https://eqlplayground.io/ui/fonts/roboto_mono/RobotoMono-Bold.ttf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69fdf4efd379a49f2d06cd6d64f8e6f8fa8dd44cebc5d0f0c64e86bd10ae1c79
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://eqlplayground.io
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
"37cdbeb9db0eeb17d129c5b495128f3c04eb9d2c-gzip"
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 02:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
font/ttf
last-modified
Mon, 19 Feb 2024 12:18:38 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=14400
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24989142c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
has_data_views
eqlplayground.io/s/eqldemo/internal/data_views/
43 B
694 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/data_views/has_data_views
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eba006649b30e6cffcfc365b5332ef95617423ee67eb921d7c10fe06a162cb02
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
elastic-api-version
1
traceparent
00-fb48cb98392170d12bf954ce555cb94a-26071c8a7194ee4d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

cf-cache-status
DYNAMIC
elastic-api-version
1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c249a92a2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
43
server
cloudflare
cloudExperiments.chunk.1.js
eqlplayground.io/70281/bundles/plugin/cloudExperiments/1.0.0/
52 KB
19 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/cloudExperiments/1.0.0/cloudExperiments.chunk.1.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/cloudExperiments/1.0.0/cloudExperiments.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83d8daee48fd4f9d60816968de4e52c66cbe88452ab9a1b4606d8897fdd821d3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:31 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c249a92e2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
v8.12.2.json
feeds.elastic.co/kibana/
12 B
758 B
Fetch
General
Full URL
https://feeds.elastic.co/kibana/v8.12.2.json
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:fbf3:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
eef46741adfc3a9f76294d3b78f37a45f113092ac9d44ee77c7a038a88ff09a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1731002574
access-control-expose-headers
Authorization, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, accept, kbn-build-number, kbn-name, kbn-version, origin, x-elastic-internal-origin, x-kbn-context
content-encoding
gzip
x-goog-hash
crc32c=R3CMmg==, md5=axveB6QfOHdgG6pkr4fpxQ==
etag
"6b1bde07a41f3877601baa64af87e9c5"
age
0
x-goog-stored-content-encoding
gzip
expires
Thu, 07 Nov 2024 22:33:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
45
date
Thu, 07 Nov 2024 22:28:53 GMT
last-modified
Thu, 07 Nov 2024 18:03:55 GMT
content-type
application/json
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY2VFVVExz1RBbfu2_4mqVLzp_rUboZI-MNR5IF0_ZEp2X3k9zZCwmypj-8nMNbp-aXKPiU
cache-control
public, max-age=300
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1731002635019997
content-length
45
server
UploadServer
dashboard.chunk.5.js
eqlplayground.io/70281/bundles/plugin/dashboard/1.0.0/
29 KB
9 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/dashboard/1.0.0/dashboard.chunk.5.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/dashboard/1.0.0/dashboard.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd545a4e31faab8456fddc9b2d2cc3aed2133fb2222e6b6752f4168fdaf09443
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 11:48:03 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24ad9cd2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
_active_space
eqlplayground.io/s/eqldemo/internal/spaces/
5 KB
4 KB
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/spaces/_active_space
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fb14a16a2aa6e96aec1937518a2e8363c370b4315f1f2a5650018f4fb6376ce
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
traceparent
00-fb48cb98392170d12bf954ce555cb94a-26071c8a7194ee4d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/json; charset=utf-8
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24ad9d02c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-length
3646
server
cloudflare
index_status
eqlplayground.io/s/eqldemo/internal/uptime/
60 B
691 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/uptime/index_status?from=now-7d&to=now
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1cb699afdda38d394a8df0442ae37efe0496ddbddf3775d4282ff0571066454
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
traceparent
00-fb48cb98392170d12bf954ce555cb94a-26071c8a7194ee4d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24ad9d32c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
controls.chunk.0.js
eqlplayground.io/70281/bundles/plugin/controls/1.0.0/
92 KB
26 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/controls/1.0.0/controls.chunk.0.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/controls/1.0.0/controls.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a213afb50c24e049fe209183110bc4748401c5f5b8e81ba8d7f99decee3d4df
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293407
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 16 Apr 2024 01:56:46 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24bba712c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
controls.chunk.8.js
eqlplayground.io/70281/bundles/plugin/controls/1.0.0/
3 KB
2 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/controls/1.0.0/controls.chunk.8.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/controls/1.0.0/controls.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e653ce2ec816379e49e92ba251411570660dbbdd011f9fb41a10aeda75f873ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293407
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 31 Oct 2024 13:55:31 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24bba722c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1377
server
cloudflare
securitySolution.chunk.25.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
3 MB
806 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.chunk.25.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e3896bc13ec0efb00703240b8d7c380629cbf88fb7c562b460cf5e603dea6aa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293406
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:53 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:53 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 11:48:03 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24d2b802c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
614cd9082d277e0ccfbd7420
app.launchdarkly.com/sdk/goals/
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/goals/614cd9082d277e0ccfbd7420
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-tags,x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://eqlplayground.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Thu, 07 Nov 2024 22:28:54 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
2
x-served-by
cache-fra-etou8220043-FRA
x-timer
S1731018534.010993,VS0,VE0
614cd9082d277e0ccfbd7420
events.launchdarkly.com/events/diagnostic/
0
0
Preflight
General
Full URL
https://events.launchdarkly.com/events/diagnostic/614cd9082d277e0ccfbd7420
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.221.38.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-38-139.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-tags,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://eqlplayground.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Thu, 07 Nov 2024 22:28:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
614cd9082d277e0ccfbd7420
app.launchdarkly.com/sdk/goals/
2 B
179 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/goals/614cd9082d277e0ccfbd7420
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

x-launchdarkly-tags
application-id/kibana-browser application-version/8.12.2
Referer
https://eqlplayground.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.1.4

Response headers

content-md5
d751713988987e9331980363e24189ce
access-control-max-age
300
content-encoding
gzip
etag
"d751713988987e9331980363e24189ce"
age
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
HIT
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/json
x-served-by
cache-fra-etou8220043-FRA
x-cache-hits
1
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
cache-control
max-age=0
x-timer
S1731018534.031939,VS0,VE1
ld-region
us-east-1
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
26
614cd9082d277e0ccfbd7420
events.launchdarkly.com/events/diagnostic/
0
358 B
XHR
General
Full URL
https://events.launchdarkly.com/events/diagnostic/614cd9082d277e0ccfbd7420
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.221.38.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-38-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

x-launchdarkly-tags
application-id/kibana-browser application-version/8.12.2
Referer
https://eqlplayground.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.1.4
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
access-control-expose-headers
Date
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
content-length
0
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/json
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
eyJraWJhbmFWZXJzaW9uIjoiOC4xMi4yIiwidHJpYWxFbmREYXRlIjoiMjAxOC0wOC0wNlQxOTowNDozMS4zMDNaIiwiaXNFbGFzdGljU3RhZmYiOnRydWUsImluVHJpYWwiOmZhbHNlLCJraW5kIjoidXNlciIsImtleSI6IjhmMWQyMjA5Zjg3ZjRmYTE5NDEyY...
app.launchdarkly.com/sdk/evalx/614cd9082d277e0ccfbd7420/contexts/
7 KB
2 KB
XHR
General
Full URL
https://app.launchdarkly.com/sdk/evalx/614cd9082d277e0ccfbd7420/contexts/eyJraWJhbmFWZXJzaW9uIjoiOC4xMi4yIiwidHJpYWxFbmREYXRlIjoiMjAxOC0wOC0wNlQxOTowNDozMS4zMDNaIiwiaXNFbGFzdGljU3RhZmYiOnRydWUsImluVHJpYWwiOmZhbHNlLCJraW5kIjoidXNlciIsImtleSI6IjhmMWQyMjA5Zjg3ZjRmYTE5NDEyYzg0MGNiZmU2Y2VlIn0
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9b49e3915e9d7aecc0659b23b8ce4062dcc5e33666aaeb9ad1539d642c8871db

Request headers

x-launchdarkly-tags
application-id/kibana-browser application-version/8.12.2
Referer
https://eqlplayground.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.1.4

Response headers

access-control-max-age
3600
content-encoding
gzip
etag
"229dbb"
age
0
access-control-allow-methods
OPTIONS, GET
x-cache
MISS
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/json
vary
Authorization, Accept-Encoding
x-served-by
cache-fra-etou8220104-FRA, cache-fra-etou8220043-FRA
x-cache-hits
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
cache-control
max-age=0
x-timer
S1731018534.032056,VS0,VE12
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
1697
eyJraWJhbmFWZXJzaW9uIjoiOC4xMi4yIiwidHJpYWxFbmREYXRlIjoiMjAxOC0wOC0wNlQxOTowNDozMS4zMDNaIiwiaXNFbGFzdGljU3RhZmYiOnRydWUsImluVHJpYWwiOmZhbHNlLCJraW5kIjoidXNlciIsImtleSI6IjhmMWQyMjA5Zjg3ZjRmYTE5NDEyY...
app.launchdarkly.com/sdk/evalx/614cd9082d277e0ccfbd7420/contexts/
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/evalx/614cd9082d277e0ccfbd7420/contexts/eyJraWJhbmFWZXJzaW9uIjoiOC4xMi4yIiwidHJpYWxFbmREYXRlIjoiMjAxOC0wOC0wNlQxOTowNDozMS4zMDNaIiwiaXNFbGFzdGljU3RhZmYiOnRydWUsImluVHJpYWwiOmZhbHNlLCJraW5kIjoidXNlciIsImtleSI6IjhmMWQyMjA5Zjg3ZjRmYTE5NDEyYzg0MGNiZmU2Y2VlIn0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-tags,x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://eqlplayground.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Thu, 07 Nov 2024 22:28:54 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
3
x-served-by
cache-fra-etou8220043-FRA
x-timer
S1731018534.010998,VS0,VE0
_active_space
eqlplayground.io/s/eqldemo/internal/spaces/
5 KB
4 KB
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/spaces/_active_space
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fb14a16a2aa6e96aec1937518a2e8363c370b4315f1f2a5650018f4fb6376ce
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
traceparent
00-fb48cb98392170d12bf954ce555cb94a-26071c8a7194ee4d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/json; charset=utf-8
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24d3b8d2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-length
3646
server
cloudflare
ml.chunk.5.js
eqlplayground.io/70281/bundles/plugin/ml/1.0.0/
163 KB
58 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/ml/1.0.0/ml.chunk.5.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/ml/1.0.0/ml.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
220f8ee182a1c6eeccc6aaf2750491e472dd566831d08e4305aed6c9a9e94d3f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:54 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 11:48:03 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24d6ba92c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
ml.chunk.6.js
eqlplayground.io/70281/bundles/plugin/ml/1.0.0/
277 KB
93 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/ml/1.0.0/ml.chunk.6.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/ml/1.0.0/ml.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de3596ed2b319839d0ec399b8770743a37778e797b08b9c7ea4a81924050934f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:54 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 14 Mar 2024 18:27:14 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24d6baa2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
ml.chunk.26.js
eqlplayground.io/70281/bundles/plugin/ml/1.0.0/
20 KB
6 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/ml/1.0.0/ml.chunk.26.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/ml/1.0.0/ml.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da55331c1ee51f2bd9c2c121fabedbd197ffe5588fcb9318a1318ff6f8d8be83
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:54 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 16 Aug 2024 13:59:24 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24d6bab2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
observability.chunk.2.js
eqlplayground.io/70281/bundles/plugin/observability/1.0.0/
14 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.chunk.2.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26618ab401a7526a3f02d1e5e4d5fa0f9e85d4bc7d0d7667f239b8d4979e08e3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:54 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:31 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24d6bac2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3807
server
cloudflare
observability.chunk.4.js
eqlplayground.io/70281/bundles/plugin/observability/1.0.0/
31 KB
10 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.chunk.4.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a23c6749aca7b345bc4710f47b2ff98abacd1f0d4fe682ea877f95c8a17c721f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:54 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 14 Mar 2024 18:27:13 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24d6baf2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
observability.chunk.18.js
eqlplayground.io/70281/bundles/plugin/observability/1.0.0/
5 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.chunk.18.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d555c7de470bdf5d732957eed34b9626ed833a97cef580cf9d983b0e8992a9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:54 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 02 Jun 2024 23:15:03 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24d6bb12c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2046
server
cloudflare
observability.chunk.8.js
eqlplayground.io/70281/bundles/plugin/observability/1.0.0/
15 KB
6 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.chunk.8.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
204d0660faaea815bd1a57d14d5a7f2e07f7bb7b6fcabaa884438cea29beac9e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:54 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 14 Mar 2024 18:27:13 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24d6bb22c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
observability.chunk.19.js
eqlplayground.io/70281/bundles/plugin/observability/1.0.0/
2 KB
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.chunk.19.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/observability/1.0.0/observability.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456ba73e4b42f3bee03e90a067e3bb50d95bbd546d38e7849070b22cd7fc4613
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293408
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:54 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 11:06:54 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24d6bb32c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
823
server
cloudflare
_record_auth_type
eqlplayground.io/s/eqldemo/internal/security/analytics/
106 B
715 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/security/analytics/_record_auth_type
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac912bc1f8ab0b3e748567af402db276db426e70b791ebafa43897e5cfd4dab0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
traceparent
00-fb48cb98392170d12bf954ce555cb94a-26071c8a7194ee4d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24d6bad2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
user_profile
eqlplayground.io/s/eqldemo/internal/security/
60 B
690 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/security/user_profile?dataPath=avatar%2CuserSettings
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f006bbd60894452b80c7d19e1c832d1e30f457540dc5e52e567bc1ffe522615d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
traceparent
00-fb48cb98392170d12bf954ce555cb94a-26071c8a7194ee4d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24d6bb52c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
me
eqlplayground.io/s/eqldemo/internal/security/
356 B
832 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/security/me
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb5a2ee5b8d43f1fc05c4c027af96d0a9c71354376612be2e05474c838a89ae6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
kbn-system-request
true
traceparent
00-fb48cb98392170d12bf954ce555cb94a-26071c8a7194ee4d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24d6bb62c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
me
eqlplayground.io/s/eqldemo/internal/security/
356 B
832 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/security/me
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb5a2ee5b8d43f1fc05c4c027af96d0a9c71354376612be2e05474c838a89ae6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
kbn-system-request
true
traceparent
00-fb48cb98392170d12bf954ce555cb94a-26071c8a7194ee4d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24f9ce12c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
kibana-browser
telemetry.elastic.co/v3/send/
16 B
158 B
Fetch
General
Full URL
https://telemetry.elastic.co/v3/send/kibana-browser
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:2440:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
08e2c358ce13cb67f94ebb35b0f67c8763190a857c0db68da6eb196dfe9da46a

Request headers

x-elastic-stack-version
8.12.2
Referer
https://eqlplayground.io/
x-elastic-cluster-id
UNKNOWN
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/x-ndjson

Response headers

cache-control
private
content-encoding
gzip
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
function-execution-id
urdggzwsd8hr
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/json
x-cloud-trace-context
64edeba1e30e90bdd4b8dbf16d43a49c
server
Google Frontend
kibana-browser
telemetry.elastic.co/v3/send/
0
0
Preflight
General
Full URL
https://telemetry.elastic.co/v3/send/kibana-browser
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:2440:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-elastic-cluster-id,x-elastic-stack-version
Access-Control-Request-Method
POST
Origin
https://eqlplayground.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
allow
POST,OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 07 Nov 2024 22:28:54 GMT
function-execution-id
wy0ixcj906zv
server
Google Frontend
via
1.1 google
x-cloud-trace-context
210a7c15188951aa25e6f68331ca4dd8
spaces.chunk.9.js
eqlplayground.io/70281/bundles/plugin/spaces/1.0.0/
920 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/spaces/1.0.0/spaces.chunk.9.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/spaces/1.0.0/spaces.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5f0ad4cc366d5243b41db8fe7f6e3ec3630eab59461ef03c1a6afb1ca687d05
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293408
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:54 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 22 Jun 2024 14:45:11 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24dfc072c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
582
server
cloudflare
controls.chunk.6.js
eqlplayground.io/70281/bundles/plugin/controls/1.0.0/
10 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/controls/1.0.0/controls.chunk.6.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/controls/1.0.0/controls.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2c588661a74647ec613e9bdb02049c9fd39d34f31618b5bf5198d289eb75fdd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:54 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:32 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c24e5c3f2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2121
server
cloudflare
events
ade34e15ce8041d483d0a571d4543a15.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/
0
41 B
Fetch
General
Full URL
https://ade34e15ce8041d483d0a571d4543a15.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/events
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.195.130.253 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
253.130.195.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://eqlplayground.io/
Content-Encoding
gzip
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-ndjson

Response headers

access-control-allow-origin
https://eqlplayground.io
x-found-handling-instance
instance-0000000194
content-length
0
x-found-handling-cluster
ade34e15ce8041d483d0a571d4543a15
date
Thu, 07 Nov 2024 22:28:54 GMT
x-cloud-request-id
w5mZgAcKQLqYWIvTdJew6Q
x-content-type-options
nosniff
events
ade34e15ce8041d483d0a571d4543a15.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/
0
0
Preflight
General
Full URL
https://ade34e15ce8041d483d0a571d4543a15.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.195.130.253 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
253.130.195.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type
Access-Control-Request-Method
POST
Origin
https://eqlplayground.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Content-Encoding, Accept
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://eqlplayground.io
access-control-expose-headers
Etag
access-control-max-age
3600
content-length
0
date
Thu, 07 Nov 2024 22:28:54 GMT
vary
Origin
x-cloud-request-id
fJDjnFZbSXeOolukVA9Tkw
x-content-type-options
nosniff
x-found-handling-cluster
ade34e15ce8041d483d0a571d4543a15
x-found-handling-instance
instance-0000000194
eyJraWJhbmFWZXJzaW9uIjoiOC4xMi4yIiwidHJpYWxFbmREYXRlIjoiMjAxOC0wOC0wNlQxOTowNDozMS4zMDNaIiwiaXNFbGFzdGljU3RhZmYiOnRydWUsImluVHJpYWwiOmZhbHNlLCJoYXNEYXRhIjp0cnVlLCJraW5kIjoidXNlciIsImtleSI6IjhmMWQyM...
app.launchdarkly.com/sdk/evalx/614cd9082d277e0ccfbd7420/contexts/
7 KB
2 KB
XHR
General
Full URL
https://app.launchdarkly.com/sdk/evalx/614cd9082d277e0ccfbd7420/contexts/eyJraWJhbmFWZXJzaW9uIjoiOC4xMi4yIiwidHJpYWxFbmREYXRlIjoiMjAxOC0wOC0wNlQxOTowNDozMS4zMDNaIiwiaXNFbGFzdGljU3RhZmYiOnRydWUsImluVHJpYWwiOmZhbHNlLCJoYXNEYXRhIjp0cnVlLCJraW5kIjoidXNlciIsImtleSI6IjhmMWQyMjA5Zjg3ZjRmYTE5NDEyYzg0MGNiZmU2Y2VlIn0
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9b49e3915e9d7aecc0659b23b8ce4062dcc5e33666aaeb9ad1539d642c8871db

Request headers

x-launchdarkly-tags
application-id/kibana-browser application-version/8.12.2
Referer
https://eqlplayground.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.1.4

Response headers

access-control-max-age
3600
content-encoding
gzip
etag
"229dbb"
age
0
access-control-allow-methods
OPTIONS, GET
x-cache
MISS
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/json
vary
Authorization, Accept-Encoding
x-served-by
cache-fra-etou8220129-FRA, cache-fra-etou8220043-FRA
x-cache-hits
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
cache-control
max-age=0
x-timer
S1731018534.101619,VS0,VE13
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
1697
eyJraWJhbmFWZXJzaW9uIjoiOC4xMi4yIiwidHJpYWxFbmREYXRlIjoiMjAxOC0wOC0wNlQxOTowNDozMS4zMDNaIiwiaXNFbGFzdGljU3RhZmYiOnRydWUsImluVHJpYWwiOmZhbHNlLCJoYXNEYXRhIjp0cnVlLCJraW5kIjoidXNlciIsImtleSI6IjhmMWQyM...
app.launchdarkly.com/sdk/evalx/614cd9082d277e0ccfbd7420/contexts/
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/evalx/614cd9082d277e0ccfbd7420/contexts/eyJraWJhbmFWZXJzaW9uIjoiOC4xMi4yIiwidHJpYWxFbmREYXRlIjoiMjAxOC0wOC0wNlQxOTowNDozMS4zMDNaIiwiaXNFbGFzdGljU3RhZmYiOnRydWUsImluVHJpYWwiOmZhbHNlLCJoYXNEYXRhIjp0cnVlLCJraW5kIjoidXNlciIsImtleSI6IjhmMWQyMjA5Zjg3ZjRmYTE5NDEyYzg0MGNiZmU2Y2VlIn0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-tags,x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://eqlplayground.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Thu, 07 Nov 2024 22:28:54 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
4
x-served-by
cache-fra-etou8220043-FRA
x-timer
S1731018534.088729,VS0,VE0
securitySolution.chunk.23.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
854 KB
232 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.chunk.23.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
266943b8b117bcd010a0fddd23a62e233c19d5b927ce12179f48035464f12582
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:54 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 11:48:04 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2503d2e2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
ml.chunk.35.js
eqlplayground.io/70281/bundles/plugin/ml/1.0.0/
1 KB
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/ml/1.0.0/ml.chunk.35.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/ml/1.0.0/ml.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0acc4dd3c34945769869a09b588437748217d5ca4e5ac13832ed26ad4023a69c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293408
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:54 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:34 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c250fd9d2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
576
server
cloudflare
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
461175aa2f27278f687299d7f33980f85243a6d9ee0ab7874ab997e4c9142318

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
index
eqlplayground.io/s/eqldemo/api/detection_engine/
72 B
721 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/api/detection_engine/index
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27ffa1ab1869248d3ccf59f8bf9a81ebe1e00c49fe4028eef63ce34123edb454
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
elastic-api-version
2023-10-31
traceparent
00-fb48cb98392170d12bf954ce555cb94a-26071c8a7194ee4d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
elastic-api-version
2023-10-31
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2512dc52c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
events
ade34e15ce8041d483d0a571d4543a15.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/
0
36 B
Fetch
General
Full URL
https://ade34e15ce8041d483d0a571d4543a15.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/events
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.195.130.253 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
253.130.195.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://eqlplayground.io/
Content-Encoding
gzip
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-ndjson

Response headers

access-control-allow-origin
https://eqlplayground.io
x-found-handling-instance
instance-0000000194
content-length
0
x-found-handling-cluster
ade34e15ce8041d483d0a571d4543a15
date
Thu, 07 Nov 2024 22:28:54 GMT
x-cloud-request-id
yc3GTnzQRe6XW8gGAYSUMA
x-content-type-options
nosniff
search
eqlplayground.io/s/eqldemo/api/content_management/rpc/
2 KB
1 KB
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/api/content_management/rpc/search
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47eedb7a51b864e44064c1dd430500ad7d59df14d3cfaca60aee128bd4c8902
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
traceparent
00-fb48cb98392170d12bf954ce555cb94a-26071c8a7194ee4d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/json; charset=utf-8
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c251ce2e2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-length
705
server
cloudflare
get
eqlplayground.io/s/eqldemo/api/content_management/rpc/
749 B
984 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/api/content_management/rpc/get
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99ae755a56cfd11ef3274d04dace64511943a652a46444fb03ccece0ef41ace7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
traceparent
00-fb48cb98392170d12bf954ce555cb94a-26071c8a7194ee4d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:54 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2524e712c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
_fields_for_wildcard
eqlplayground.io/s/eqldemo/internal/data_views/
1 MB
55 KB
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/data_views/_fields_for_wildcard?pattern=.alerts-security.alerts-eqldemo%2Ceqldemo%2Clogs-endpoint.*-eqldemo%2Clogs-network_traffic.*-eqldemo%2Clogs-system.*-eqldemo%2Clogs-windows.*-eqldemo%2Cmetricseqldemo&meta_fields=_source&meta_fields=_id&meta_fields=_index&meta_fields=_score&allow_no_index=true
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31ad56be62faf7e4ab054d7c2c2d97fb9c4178cb1b2313aca37bee558cbf7941
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
elastic-api-version
1
traceparent
00-fb48cb98392170d12bf954ce555cb94a-26071c8a7194ee4d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
elastic-api-version
1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:55 GMT
content-type
application/json; charset=utf-8
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c252fee82c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
kibana-browser
telemetry.elastic.co/v3/send/
16 B
54 B
Fetch
General
Full URL
https://telemetry.elastic.co/v3/send/kibana-browser
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.113.255 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
255.113.95.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
08e2c358ce13cb67f94ebb35b0f67c8763190a857c0db68da6eb196dfe9da46a

Request headers

x-elastic-stack-version
8.12.2
Referer
https://eqlplayground.io/
x-elastic-cluster-id
_I5KapU0SneUWSm8HfYygQ
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/x-ndjson
x-elastic-license-id
90db30a7-19e4-42e6-b1fc-c76567ada0e2

Response headers

cache-control
private
content-encoding
gzip
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
function-execution-id
ma3ccwnkqq9v
date
Thu, 07 Nov 2024 22:28:55 GMT
content-type
application/json
x-cloud-trace-context
5530e7afee96ee79ac31c7c533edbfdf
server
Google Frontend
_existing_indices
eqlplayground.io/s/eqldemo/internal/data_views/
170 B
741 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/data_views/_existing_indices?indices=.alerts-security.alerts-eqldemo&indices=eqldemo&indices=logs-endpoint.*-eqldemo&indices=logs-network_traffic.*-eqldemo&indices=logs-system.*-eqldemo&indices=logs-windows.*-eqldemo&indices=metricseqldemo
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53ed2a498bc10eec5fd3a353a61f36c5c19456ee1c6716dae58ff71d30535f23
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
elastic-api-version
1
traceparent
00-fb48cb98392170d12bf954ce555cb94a-26071c8a7194ee4d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
elastic-api-version
1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:55 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25628992c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
securitySolution.chunk.28.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
87 KB
28 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.chunk.28.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f3d27252b78fde2ee80e133af4e60fcc6d149ee9f3f8e254ee95d34f9c8e9bb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293403
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:55 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:55 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 12 Jul 2024 06:30:22 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c256f8f42c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
securitySolution.chunk.27.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
2 MB
451 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.chunk.27.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46cbf39f8a7703f81d58a70eadf2ef5a4d660d7fcaf7f8aa5c49b9959886acb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293403
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:55 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:55 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 11:48:05 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25759282c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
securitySolution.chunk.18.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
867 KB
233 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.chunk.18.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbfb0460a1f65dd849a93cfa71682a5f227551417edbd730b0e9ea9fcc1318c3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293402
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:55 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:55 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 05 Jun 2024 21:13:03 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c258fa122c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
endpoint
eqlplayground.io/s/eqldemo/api/fleet/epm/packages/
69 KB
12 KB
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/api/fleet/epm/packages/endpoint
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ec856834c661bd04ac34ca29fc3e6667992e8e93589ace69e54532df9f305eb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
elastic-api-version
2023-10-31
traceparent
00-524d9e9b2e561b9c0d63c2dd958f50df-503a6d2850df0c92-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
elastic-api-version
2023-10-31
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/json; charset=utf-8
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c259ca6f2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
privileges
eqlplayground.io/s/eqldemo/api/lists/
2 KB
1022 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/api/lists/privileges
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a51a8c21fad9d85a414fe9d6b104ff945507e56eab1419d4da1a293a512c1ef9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
elastic-api-version
2023-10-31
traceparent
00-524d9e9b2e561b9c0d63c2dd958f50df-503a6d2850df0c92-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
elastic-api-version
2023-10-31
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/json; charset=utf-8
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c259ca712c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-length
376
server
cloudflare
privileges
eqlplayground.io/s/eqldemo/api/detection_engine/
1 KB
1006 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/api/detection_engine/privileges
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb2234bfd23220cda84286e9a442805bd0abe73869328c34928358af12ae2d1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
elastic-api-version
2023-10-31
traceparent
00-524d9e9b2e561b9c0d63c2dd958f50df-503a6d2850df0c92-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
elastic-api-version
2023-10-31
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/json; charset=utf-8
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c259ca732c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-length
360
server
cloudflare
me
eqlplayground.io/s/eqldemo/internal/security/
356 B
832 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/security/me
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb5a2ee5b8d43f1fc05c4c027af96d0a9c71354376612be2e05474c838a89ae6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
kbn-system-request
true
traceparent
00-524d9e9b2e561b9c0d63c2dd958f50df-503a6d2850df0c92-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c259ca752c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
ml_capabilities
eqlplayground.io/s/eqldemo/internal/ml/
1 KB
999 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/ml/ml_capabilities
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1de24012040ebbbebc61b8cd29e1db7ea8191baba8cffa1560d7389ff1f8bb4c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)
elastic-api-version
1
kbn-system-request
true
traceparent
00-524d9e9b2e561b9c0d63c2dd958f50df-503a6d2850df0c92-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
elastic-api-version
1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/json; charset=utf-8
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c259ca772c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-length
359
server
cloudflare
unifiedSearch.chunk.0.js
eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/
15 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/unifiedSearch.chunk.0.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/unifiedSearch.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
779203f8aa848fd035e7a08da0ac53c8d2623f6726a05f1a421fc625d2eb89c9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 04 Jul 2024 00:54:20 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25b3b312c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
unifiedSearch.chunk.1.js
eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/
10 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/unifiedSearch.chunk.1.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/unifiedSearch.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe7b876be642d122ae75ba893f33b6923c0f65b0f6d26c7b3e3dc100afe9535d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 07 Nov 2024 07:48:23 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25b3b322c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3567
server
cloudflare
unifiedSearch.chunk.2.js
eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/
23 KB
7 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/unifiedSearch.chunk.2.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/unifiedSearch.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0615a340cd178372128cca99fa4170ba9303f2dd46fd3c1ef3e0b7f354dcd183
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293401
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:56 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25b3b332c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
unifiedSearch.chunk.3.js
eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/
11 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/unifiedSearch.chunk.3.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/unifiedSearch.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8307c85c52ad711d5a5279e2f97c72d550a70472a79a4a49458e43657a0046ad
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 04 Jun 2024 01:10:03 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25b3b342c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3272
server
cloudflare
unifiedSearch.chunk.4.js
eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/
25 KB
8 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/unifiedSearch.chunk.4.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/unifiedSearch.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e99623fbbb7235a50893569d3fdf39d8fe6237c7f3c8d89cd81fd67631173e2f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 11:48:05 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25b3b352c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
unifiedSearch.chunk.5.js
eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/
16 KB
6 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/unifiedSearch.chunk.5.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/unifiedSearch.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
619a131a9e8cb7e78ad69a0266e854ed048df3c4d0c9d534d670173c4458366e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:39 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25b3b362c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
unifiedSearch.chunk.8.js
eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/
34 KB
9 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/unifiedSearch.chunk.8.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/unifiedSearch.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a26bbb4dbe026dd7a80d55d1e4e40cba950404e73807886fa9f8213bc0b6addd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 04 Sep 2024 12:08:11 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25b3b382c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
securitySolution.chunk.15.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
30 KB
9 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.chunk.15.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26918b360865893350f31076541cd32c203526b7f587f046a844db21138f72f9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293401
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 15:00:46 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25b9b6a2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
securitySolution.chunk.16.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
29 KB
8 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.chunk.16.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32aa3fd8e99f65095853b6998da342d7379088469a106ec105533ed22ebdb164
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293401
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 27 Mar 2024 14:53:52 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25b9b6b2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
securitySolution.chunk.44.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
37 KB
11 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.chunk.44.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6ea1f67a28b5d4ee050905dcd45f2d1c6009bb749812ac46ee24c047d109428
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:56 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25b9b6c2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
securitySolution.chunk.50.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
5 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.chunk.50.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7249397f61c6fd6ac63144a8e8c7965afb0114512c7f87c0305a4ceec907681
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293401
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 Nov 2024 12:16:42 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25b9b6d2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2101
server
cloudflare
kbn-ui-shared-deps-npm.chunk.195.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
692 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.195.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c199e9533f380c31cca0df834319a83b0d4296a6da19b93ffde82d378ca3100
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:40 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25bab712c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
465
server
cloudflare
kbn-ui-shared-deps-npm.chunk.60.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
722 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.60.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbd5ed5ee0f4e1ef07a998d2f607e91b57acb7a61bcf495df8f457603fb94995
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 06:35:29 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25bab722c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
452
server
cloudflare
kbn-ui-shared-deps-npm.chunk.273.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
776 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.273.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75aad33e59c9e828be19c182d817a1444a6db38d6e08713c771c2b3e4d3a2a2b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293401
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:47 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25bab732c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
505
server
cloudflare
kbn-ui-shared-deps-npm.chunk.295.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
785 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.295.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7c8fb0ec392cde249feda6dd32298affe4aa97e71025168fbd9038c51f9515a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 14 Mar 2024 18:27:18 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25bab742c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
494
server
cloudflare
kbn-ui-shared-deps-npm.chunk.200.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
1 KB
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.200.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3327a0947eeb6f13e10746ce8666fa65ca22a8c1976f5f2c8ea244bd0f61e8d3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 Nov 2024 12:17:51 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25bab752c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
545
server
cloudflare
kbn-ui-shared-deps-npm.chunk.336.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
749 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.336.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abe7632505c3750a07df401d72408becfd6477e4409909cac9cc3e1528abae55
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 16 Apr 2024 01:56:56 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25bab762c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
468
server
cloudflare
kbn-ui-shared-deps-npm.chunk.366.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
1 KB
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.366.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30e660f8bddbffb95a451aef140ed9f9ac1ab1b22268337ac547630c4337db2f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 07 Nov 2024 07:48:22 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25bab772c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
777
server
cloudflare
kbn-ui-shared-deps-npm.chunk.67.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
797 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.67.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fd9715032e59a1bc90a662f3c0198bea6f9f08fbf37af9072a874778fb8e384
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:56 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25bab782c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
542
server
cloudflare
securitySolution.chunk.32.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
11 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.chunk.32.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3abb7bc5b86d7d92af0c27bd6f1894fdad2cd130c45fd4d2925d38954e8e683d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-09-04T07:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-09-05T06:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-09-04T00:00:01.067Z%27,kind:absolute,to:%272024-09-05T00:00:01.068Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293401
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 14 Apr 2024 19:45:17 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25c0ba22c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3726
server
cloudflare
securitySolution.chunk.37.js
eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/
22 KB
8 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.chunk.37.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/securitySolution/1.0.0/securitySolution.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d24ffb86db0327a7df37a1e3813b719e0d7b142dcf29bac691e4fff05b62f1e2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-09-04T07:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-09-05T06:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-09-04T00:00:01.067Z%27,kind:absolute,to:%272024-09-05T00:00:01.068Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 14 Aug 2024 16:31:32 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25c3bc02c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
Inter-Bold.woff2
eqlplayground.io/ui/fonts/inter/
103 KB
104 KB
Font
General
Full URL
https://eqlplayground.io/ui/fonts/inter/Inter-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7824a9014117f15dfa90a4a1c4082b3c52eb3cb0aa9da3dcf627ff2886e039b4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://eqlplayground.io
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

cf-cache-status
REVALIDATED
etag
"a197eb37acbe6c839d9a549a08fe80bb8a39d6aa"
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 02:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
font/woff2
last-modified
Mon, 19 Feb 2024 12:18:38 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=14400
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25d7c6b2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
105912
server
cloudflare
Inter-SemiBold.woff2
eqlplayground.io/ui/fonts/inter/
103 KB
104 KB
Font
General
Full URL
https://eqlplayground.io/ui/fonts/inter/Inter-SemiBold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a91eb1b863ca7543716e4782113a07504de66ece767eda455a33c344cbfefa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://eqlplayground.io
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)

Response headers

cf-cache-status
REVALIDATED
etag
"3e4531452e8ed6b6ddeb7a9c53c8e09f3575c006"
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 02:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
font/woff2
last-modified
Mon, 19 Feb 2024 12:18:38 GMT
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=14400
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25d7c6d2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
105980
server
cloudflare
status
eqlplayground.io/s/eqldemo/internal/risk_score/engine/
128 B
733 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/risk_score/engine/status
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c562e371dcde1a69e4f6698fe5b2d1725076cecfdaef62cb9bab8d7e6aee2da
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)
elastic-api-version
1
traceparent
00-524d9e9b2e561b9c0d63c2dd958f50df-503a6d2850df0c92-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
elastic-api-version
1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25d7c692c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
_setup
eqlplayground.io/s/eqldemo/internal/detection_engine/health/
2 B
651 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/detection_engine/health/_setup
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)
elastic-api-version
1
traceparent
00-524d9e9b2e561b9c0d63c2dd958f50df-503a6d2850df0c92-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

cf-cache-status
DYNAMIC
elastic-api-version
1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25d7c672c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-length
2
server
cloudflare
_existing_indices
eqlplayground.io/s/eqldemo/internal/data_views/
170 B
745 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/data_views/_existing_indices?indices=.alerts-security.alerts-eqldemo&indices=eqldemo&indices=logs-endpoint.*-eqldemo&indices=logs-network_traffic.*-eqldemo&indices=logs-system.*-eqldemo&indices=logs-windows.*-eqldemo&indices=metricseqldemo
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53ed2a498bc10eec5fd3a353a61f36c5c19456ee1c6716dae58ff71d30535f23
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)
elastic-api-version
1
traceparent
00-524d9e9b2e561b9c0d63c2dd958f50df-503a6d2850df0c92-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
elastic-api-version
1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25d7c6a2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
614cd9082d277e0ccfbd7420
events.launchdarkly.com/events/bulk/
0
358 B
XHR
General
Full URL
https://events.launchdarkly.com/events/bulk/614cd9082d277e0ccfbd7420
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.221.38.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-38-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

x-launchdarkly-tags
application-id/kibana-browser application-version/8.12.2
X-LaunchDarkly-Event-Schema
4
Referer
https://eqlplayground.io/
X-LaunchDarkly-Payload-ID
ad4a2d90-9d57-11ef-b8a2-e3afaff9e08d
X-LaunchDarkly-User-Agent
JSClient/3.1.4
Content-Type
application/json
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
access-control-expose-headers
Date
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
content-length
0
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/json
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
614cd9082d277e0ccfbd7420
events.launchdarkly.com/events/bulk/
0
0
Preflight
General
Full URL
https://events.launchdarkly.com/events/bulk/614cd9082d277e0ccfbd7420
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.221.38.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-38-139.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-tags,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://eqlplayground.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Thu, 07 Nov 2024 22:28:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
favicon.svg
eqlplayground.io/ui/favicons/
1008 B
0
Other
General
Full URL
https://eqlplayground.io/ui/favicons/favicon.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160f4ef3788e8b599e30ccc74b4b74f3a5a70a28fa68b6df0b582f741a7025bb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"c2ae8872d6be83d97704438ba39271e9af1a65d0"
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 02:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
image/svg+xml
last-modified
Mon, 19 Feb 2024 12:18:35 GMT
vary
Accept-Encoding
x-frame-options
DENY
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=14400
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23f3b1e2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
bsearch
eqlplayground.io/s/eqldemo/internal/
7 KB
8 KB
XHR
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/bsearch?compress=true
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f610d27b4cb49b0196d2fe28a89a2ae8bdb44cb4497d32ca1b9d9db6d7e30bb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)
elastic-api-version
1
traceparent
00-524d9e9b2e561b9c0d63c2dd958f50df-503a6d2850df0c92-00
x-elastic-internal-origin
Kibana
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

cf-cache-status
DYNAMIC
elastic-api-version
1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/x-ndjson
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25eed2a2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
lens.chunk.0.js
eqlplayground.io/70281/bundles/plugin/lens/1.0.0/
42 KB
12 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/lens/1.0.0/lens.chunk.0.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/lens/1.0.0/lens.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
595e38ed6d910624dbe141bdcf0c9f426e6401137cb69e72efb1e34a19eea0a5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293401
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 Nov 2024 12:17:50 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25f2d4a2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
lens.chunk.1.js
eqlplayground.io/70281/bundles/plugin/lens/1.0.0/
333 KB
86 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/lens/1.0.0/lens.chunk.1.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/lens/1.0.0/lens.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f45457caf1f02633c29f0e9d6f255c938155f00eacce239dbc6f543ff4541b31
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293401
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 Nov 2024 12:17:50 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25f2d4b2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
lens.chunk.2.js
eqlplayground.io/70281/bundles/plugin/lens/1.0.0/
18 KB
6 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/lens/1.0.0/lens.chunk.2.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/lens/1.0.0/lens.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e0523ec3ae2fd90e55a14993dda9e328ef0fb5048681191e5e938d51a755b4b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 Nov 2024 12:17:50 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25f2d4c2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
lens.chunk.3.js
eqlplayground.io/70281/bundles/plugin/lens/1.0.0/
911 KB
231 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/lens/1.0.0/lens.chunk.3.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/lens/1.0.0/lens.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
127409f31f7df25437d8bb29ea47691fe04889498a1b6925dfaaa62bbbbfc370
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:56 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 11:48:08 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c25f2d4e2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
favicon.svg
eqlplayground.io/ui/favicons/
1008 B
0
Other
General
Full URL
https://eqlplayground.io/ui/favicons/favicon.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160f4ef3788e8b599e30ccc74b4b74f3a5a70a28fa68b6df0b582f741a7025bb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"c2ae8872d6be83d97704438ba39271e9af1a65d0"
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 02:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
image/svg+xml
last-modified
Mon, 19 Feb 2024 12:18:35 GMT
vary
Accept-Encoding
x-frame-options
DENY
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=14400
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23f3b1e2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
favicon.svg
eqlplayground.io/ui/favicons/
1008 B
0
Other
General
Full URL
https://eqlplayground.io/ui/favicons/favicon.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160f4ef3788e8b599e30ccc74b4b74f3a5a70a28fa68b6df0b582f741a7025bb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"c2ae8872d6be83d97704438ba39271e9af1a65d0"
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 02:28:51 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:51 GMT
content-type
image/svg+xml
last-modified
Mon, 19 Feb 2024 12:18:35 GMT
vary
Accept-Encoding
x-frame-options
DENY
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=14400
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c23f3b1e2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
unifiedSearch.chunk.15.js
eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/
2 KB
2 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/unifiedSearch.chunk.15.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/unifiedSearch.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de84d9c0b69cc00d6c8ceb57c1595f160dc94c691e737d879bf8603183ae609e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293402
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 14 Mar 2024 18:27:19 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2602db82c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
1059
server
cloudflare
triggersActionsUi.chunk.4.js
eqlplayground.io/70281/bundles/plugin/triggersActionsUi/1.0.0/
596 KB
89 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/triggersActionsUi/1.0.0/triggersActionsUi.chunk.4.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/triggersActionsUi/1.0.0/triggersActionsUi.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc0b39f9a6ad21c5a17ca5cabafd664306134de0f3cb1cc31160ded7e72b7099
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293401
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:56 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2606dd52c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
triggersActionsUi.chunk.11.js
eqlplayground.io/70281/bundles/plugin/triggersActionsUi/1.0.0/
14 KB
5 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/triggersActionsUi/1.0.0/triggersActionsUi.chunk.11.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/triggersActionsUi/1.0.0/triggersActionsUi.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cc0bcc988d16c1aada4bff69609dcbc663be7cccee4942ea08a5ab4d842013e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293400
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 31 Oct 2024 13:55:41 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2606dd62c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
timelines.chunk.8.js
eqlplayground.io/70281/bundles/plugin/timelines/1.0.0/
2 KB
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/timelines/1.0.0/timelines.chunk.8.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/timelines/1.0.0/timelines.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6c1174199dd0d934bf73d9d63f30eb4198938a72bc6a205ee775f250bf8dcb9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 04 Sep 2024 12:08:12 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2611e262c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
864
server
cloudflare
kbn-ui-shared-deps-npm.chunk.362.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
891 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.362.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45e5733c9b3d6e602ca19d05bbebf8ed95cbea5c214fa70ab8fab033ffc7e0ff
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 14 Mar 2024 18:27:18 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c261be742c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
459
server
cloudflare
kbn-ui-shared-deps-npm.chunk.213.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
1 KB
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.213.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8c823bd6b045f990253a0776ac514e0d96af16da91d44d419adef57c5584ff5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293400
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 24 Oct 2024 06:57:18 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c261be752c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
738
server
cloudflare
kbn-ui-shared-deps-npm.chunk.159.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
665 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.159.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4230d56e2d073c1d327bcc9ff910164f253a8cb014d91e848a3b01eb961ec0dc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:48 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c261be762c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
401
server
cloudflare
kbn-ui-shared-deps-npm.chunk.337.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
636 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.337.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cff06f9ca96ca52dcfe9493665869d5f8c2916a8b1e6bc59e511690683785170
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:58 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c261be772c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
410
server
cloudflare
kbn-ui-shared-deps-npm.chunk.80.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
953 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.80.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77605f1d7151a5ade48dd756ef0d8104e3e1f3dba8496c9778a349aa2d4b1d0d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293400
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 14 Aug 2024 16:31:34 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c261be782c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
554
server
cloudflare
kbn-ui-shared-deps-npm.chunk.390.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
1 KB
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.390.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1fc76e94b27160a65377c62e62a9f58715c2be8a165f8c227c160ff6eb43933
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:06:24 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c261be792c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
591
server
cloudflare
kbn-ui-shared-deps-npm.chunk.223.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
844 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.223.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15d06ae32f5252ef1b1009b6ba06411e91da1458724e70810af2fd57ea7639b2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293400
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 03 Nov 2024 22:54:48 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c261be7b2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
553
server
cloudflare
kbn-ui-shared-deps-npm.chunk.358.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
723 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.358.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
181df961a1e7d2c04c2c0c5bbced64266401c3df4b615a9d5f3a72afe649c63a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 15 Aug 2024 23:14:41 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c261be7c2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
471
server
cloudflare
kbn-ui-shared-deps-npm.chunk.342.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
674 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.342.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac053f5510f63c938cd6aa10144326e2f6b471b315523f2e5fa7e09ce6b869c2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 11:48:06 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c261be7d2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
435
server
cloudflare
kbn-ui-shared-deps-npm.chunk.175.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
1 KB
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.175.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b93b8c39eac2b6bbfa16ef8f2c5e45208aecbee328067e63e377503ab2892d7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:57 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c261be7e2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
730
server
cloudflare
kbn-ui-shared-deps-npm.chunk.173.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
858 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.173.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a33ed98cba079829b4ad1787d434e66f52df110df92abab1e3f5a0d0699ae0c1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 14 Aug 2024 22:07:19 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c261be7f2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
519
server
cloudflare
kbn-ui-shared-deps-npm.chunk.361.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
739 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.361.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1259d9b672e0b275e2d2678b7d85748c826d3ab084d3ebfdb5a311ec799c4fe6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 06 Nov 2024 10:38:42 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c261be802c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
452
server
cloudflare
kbn-ui-shared-deps-npm.chunk.359.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
722 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.359.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05907af2d4e489eaa10562be7e1c0230dd705dfd60316447c96c1af8f3a34090
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 14 Mar 2024 18:27:18 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c261be812c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
465
server
cloudflare
kbn-ui-shared-deps-npm.chunk.101.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
674 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.101.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80498991afb4cb6ef0ac1cbae8e58886d8aab425bf8d078583ddf7823672f698
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293400
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 14 Mar 2024 18:27:18 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c261be832c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
419
server
cloudflare
kbn-ui-shared-deps-npm.chunk.338.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
758 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.338.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a0968c4304673b5b63c497277ce0289b8b2a20f77dde2bcbb81e8faf6b53b5a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 22 Apr 2024 11:03:52 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c261be852c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
464
server
cloudflare
kbn-ui-shared-deps-npm.chunk.98.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
800 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.98.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a461bf3b3afc597e77acf6da7bb61b6da4813054d54510cde97310464e0ebf66
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 04 Jul 2024 00:54:20 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c261be862c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
459
server
cloudflare
unifiedSearch.chunk.10.js
eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/
6 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/unifiedSearch.chunk.10.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/unifiedSearch.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66e0698bc26d7174e5e9977751243bf1ebe67ba80b0624ebe33f21bcc684ea5b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293400
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 20 Sep 2024 12:12:52 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c261ee982c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2022
server
cloudflare
_find
eqlplayground.io/s/eqldemo/internal/saved_query/
0
0
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/saved_query/_find
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)
elastic-api-version
1
traceparent
00-524d9e9b2e561b9c0d63c2dd958f50df-503a6d2850df0c92-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%2C%22page%22%3A%22%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

cf-cache-status
DYNAMIC
elastic-api-version
1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2625edc2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-length
29
server
cloudflare
_find
eqlplayground.io/s/eqldemo/internal/saved_query/
0
0
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/saved_query/_find
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)
elastic-api-version
1
traceparent
00-524d9e9b2e561b9c0d63c2dd958f50df-503a6d2850df0c92-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%2C%22page%22%3A%22%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

cf-cache-status
DYNAMIC
elastic-api-version
1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2625ede2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
content-length
29
server
cloudflare
kbn-ui-shared-deps-npm.chunk.187.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
847 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.187.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d635d2ae46dce5067e8791b7b369b21ad09d5850c768cab58d43c4999728701e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293400
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 06 Oct 2024 10:02:18 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2628eee2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
550
server
cloudflare
kbn-ui-shared-deps-npm.chunk.112.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
513 B
1002 B
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.112.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
912b4d7661d80d23cb8a2645f4890620d7b1fd8e80ab192a038ed71eb2a05d55
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293400
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 31 Oct 2024 18:24:38 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c262bf022c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
351
server
cloudflare
index_status
eqlplayground.io/s/eqldemo/internal/risk_score/
0
0
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/internal/risk_score/index_status?indexName=ml_user_risk_score_latest_eqldemo&entity=user
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%2C%22page%22%3A%22%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)
elastic-api-version
1
kbn-system-request
true
traceparent
00-524d9e9b2e561b9c0d63c2dd958f50df-503a6d2850df0c92-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

cf-cache-status
DYNAMIC
elastic-api-version
1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c262ef1f2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
40
server
cloudflare
search
eqlplayground.io/s/eqldemo/api/detection_engine/signals/
0
0

search
eqlplayground.io/s/eqldemo/api/detection_engine/signals/
0
0

index
eqlplayground.io/s/eqldemo/api/detection_engine/
0
0
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/api/detection_engine/index
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)
elastic-api-version
2023-10-31
traceparent
00-524d9e9b2e561b9c0d63c2dd958f50df-503a6d2850df0c92-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%2C%22page%22%3A%22%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
elastic-api-version
2023-10-31
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c262ef232c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
index
eqlplayground.io/s/eqldemo/api/detection_engine/
0
0
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/api/detection_engine/index
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)
elastic-api-version
2023-10-31
traceparent
00-524d9e9b2e561b9c0d63c2dd958f50df-503a6d2850df0c92-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%2C%22page%22%3A%22%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
elastic-api-version
2023-10-31
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c2637f7e2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
index
eqlplayground.io/s/eqldemo/api/detection_engine/
0
0
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/api/detection_engine/index
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)
elastic-api-version
2023-10-31
traceparent
00-524d9e9b2e561b9c0d63c2dd958f50df-503a6d2850df0c92-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%2C%22page%22%3A%22%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
elastic-api-version
2023-10-31
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c263ffd02c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
search
eqlplayground.io/s/eqldemo/api/detection_engine/signals/
0
0

search
eqlplayground.io/s/eqldemo/api/detection_engine/signals/
0
0

search
eqlplayground.io/s/eqldemo/api/detection_engine/signals/
0
0
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/api/detection_engine/signals/search
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)
elastic-api-version
2023-10-31
traceparent
00-524d9e9b2e561b9c0d63c2dd958f50df-503a6d2850df0c92-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%2C%22page%22%3A%22%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
elastic-api-version
2023-10-31
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c26468072c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
search
eqlplayground.io/s/eqldemo/api/detection_engine/signals/
0
0
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/api/detection_engine/signals/search
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)
elastic-api-version
2023-10-31
traceparent
00-524d9e9b2e561b9c0d63c2dd958f50df-503a6d2850df0c92-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%2C%22page%22%3A%22%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
elastic-api-version
2023-10-31
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:57 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c264680a2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
search
eqlplayground.io/s/eqldemo/api/detection_engine/signals/
0
0

search
eqlplayground.io/s/eqldemo/api/detection_engine/signals/
0
0

search
eqlplayground.io/s/eqldemo/api/detection_engine/signals/
0
0

search
eqlplayground.io/s/eqldemo/api/detection_engine/signals/
0
0

search
eqlplayground.io/s/eqldemo/api/detection_engine/signals/
0
0

search
eqlplayground.io/s/eqldemo/api/detection_engine/signals/
0
0

favicon.png
eqlplayground.io/ui/favicons/
0
0

maps.chunk.9.js
eqlplayground.io/70281/bundles/plugin/maps/1.0.0/
0
0

eventAnnotation.chunk.1.js
eqlplayground.io/70281/bundles/plugin/eventAnnotation/1.0.0/
0
0

kbn-ui-shared-deps-npm.chunk.382.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
590 B
1 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.382.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0baff50a2a59ea98c58afe91e2c9f6ff463694da23f9730be37e7b44a12d999f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
293400
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:59 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:59 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 14 Mar 2024 18:27:19 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c26eddad2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
399
server
cloudflare
search
eqlplayground.io/s/eqldemo/api/detection_engine/signals/
0
0

search
eqlplayground.io/s/eqldemo/api/detection_engine/signals/
0
0

search
eqlplayground.io/s/eqldemo/api/detection_engine/signals/
268 B
838 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/api/detection_engine/signals/search
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)
elastic-api-version
2023-10-31
traceparent
00-adcadf873ad411a3dfacdcfb463a445d-d2143b2a44803f8d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%2C%22page%22%3A%22%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
elastic-api-version
2023-10-31
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:59 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c270bebf2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
search
eqlplayground.io/s/eqldemo/api/detection_engine/signals/
277 B
843 B
Fetch
General
Full URL
https://eqlplayground.io/s/eqldemo/api/detection_engine/signals/search
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)
elastic-api-version
2023-10-31
traceparent
00-adcadf873ad411a3dfacdcfb463a445d-d2143b2a44803f8d-00
x-elastic-internal-origin
Kibana
kbn-build-number
70281
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-kbn-context
%7B%22type%22%3A%22application%22%2C%22name%22%3A%22securitySolutionUI%22%2C%22url%22%3A%22%2Fs%2Feqldemo%2Fapp%2Fsecurity%2Fusers%2Fname%2Fadministrador%2Fevents%22%2C%22page%22%3A%22%2Fusers%2Fname%2Fadministrador%2Fevents%22%7D
Content-Type
application/json
kbn-version
8.12.2
tracestate
es=s:0.1

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
elastic-api-version
2023-10-31
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:59 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
private, no-cache, no-store, must-revalidate
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c270bec22c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
server
cloudflare
bsearch
eqlplayground.io/s/eqldemo/internal/
0
0

events
ade34e15ce8041d483d0a571d4543a15.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/
0
59 B
Fetch
General
Full URL
https://ade34e15ce8041d483d0a571d4543a15.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/events
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/core/core.chunk.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.195.130.253 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
253.130.195.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://eqlplayground.io/
Content-Encoding
gzip
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-ndjson

Response headers

access-control-allow-origin
https://eqlplayground.io
x-found-handling-instance
instance-0000000194
content-length
0
x-found-handling-cluster
ade34e15ce8041d483d0a571d4543a15
date
Thu, 07 Nov 2024 22:28:59 GMT
x-cloud-request-id
dSq5r4ClQ3ip04sYbcffJA
x-content-type-options
nosniff
unifiedSearch.chunk.18.js
eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/
10 KB
3 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/unifiedSearch.chunk.18.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/unifiedSearch/1.0.0/unifiedSearch.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:59 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:59 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 27 May 2024 08:12:58 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c270bed02c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
2325
server
cloudflare
embeddable.chunk.2.js
eqlplayground.io/70281/bundles/plugin/embeddable/1.0.0/
10 KB
4 KB
Script
General
Full URL
https://eqlplayground.io/70281/bundles/plugin/embeddable/1.0.0/embeddable.chunk.2.js
Requested by
Host: eqlplayground.io
URL: https://eqlplayground.io/70281/bundles/plugin/embeddable/1.0.0/embeddable.plugin.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e5a2860b47b1e30d171e3039f0a85b35f709b2e20ef9fe8b3f3767f4f7e6e9c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default:(id:security-solution-eqldemo,selectedPatterns:!(eqldemo,%27logs-endpoint.*-eqldemo%27,%27logs-network_traffic.*-eqldemo%27,%27logs-system.*-eqldemo%27,%27logs-windows.*-eqldemo%27,metricseqldemo)))&timerange=(global:(linkTo:!(),timerange:(from:%272024-11-06T23:00:00.000Z%27,fromStr:now%2Fd,kind:relative,to:%272024-11-07T22:59:59.999Z%27,toStr:now%2Fd)),timeline:(linkTo:!(),timerange:(from:%272024-11-06T22:28:53.724Z%27,kind:absolute,to:%272024-11-07T22:28:53.724Z%27)))&timeline=(activeTab:query,graphEventId:%27%27,isOpen:!f)

Response headers

content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 22:28:59 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 07 Nov 2024 22:28:59 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 Nov 2024 12:17:51 GMT
vary
accept-encoding
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
violations-endpoint="https://61870c4f7a2145b29a239ec89dc77c72.europe-west1.gcp.cloud.es.io:9243/internal/security/analytics/_record_violations"
content-security-policy
script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin
referrer-policy
strict-origin-when-cross-origin
cf-ray
8df0c270eede2c52-FRA
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
3576
server
cloudflare
events
ade34e15ce8041d483d0a571d4543a15.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/
0
0

kbn-ui-shared-deps-npm.chunk.72.js
eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/
0
0

kibanaReact.chunk.3.js
eqlplayground.io/70281/bundles/plugin/kibanaReact/1.0.0/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
eqlplayground.io
URL
https://eqlplayground.io/s/eqldemo/api/detection_engine/signals/search
Domain
eqlplayground.io
URL
https://eqlplayground.io/s/eqldemo/api/detection_engine/signals/search
Domain
eqlplayground.io
URL
https://eqlplayground.io/s/eqldemo/api/detection_engine/signals/search
Domain
eqlplayground.io
URL
https://eqlplayground.io/s/eqldemo/api/detection_engine/signals/search
Domain
eqlplayground.io
URL
https://eqlplayground.io/s/eqldemo/api/detection_engine/signals/search
Domain
eqlplayground.io
URL
https://eqlplayground.io/s/eqldemo/api/detection_engine/signals/search
Domain
eqlplayground.io
URL
https://eqlplayground.io/s/eqldemo/api/detection_engine/signals/search
Domain
eqlplayground.io
URL
https://eqlplayground.io/s/eqldemo/api/detection_engine/signals/search
Domain
eqlplayground.io
URL
https://eqlplayground.io/s/eqldemo/api/detection_engine/signals/search
Domain
eqlplayground.io
URL
https://eqlplayground.io/s/eqldemo/api/detection_engine/signals/search
Domain
eqlplayground.io
URL
https://eqlplayground.io/ui/favicons/favicon.png
Domain
eqlplayground.io
URL
https://eqlplayground.io/70281/bundles/plugin/maps/1.0.0/maps.chunk.9.js
Domain
eqlplayground.io
URL
https://eqlplayground.io/70281/bundles/plugin/eventAnnotation/1.0.0/eventAnnotation.chunk.1.js
Domain
eqlplayground.io
URL
https://eqlplayground.io/s/eqldemo/api/detection_engine/signals/search
Domain
eqlplayground.io
URL
https://eqlplayground.io/s/eqldemo/api/detection_engine/signals/search
Domain
eqlplayground.io
URL
https://eqlplayground.io/s/eqldemo/internal/bsearch?compress=true
Domain
ade34e15ce8041d483d0a571d4543a15.apm.europe-west1.gcp.cloud.es.io
URL
https://ade34e15ce8041d483d0a571d4543a15.apm.europe-west1.gcp.cloud.es.io/intake/v2/rum/events
Domain
eqlplayground.io
URL
https://eqlplayground.io/70281/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.chunk.72.js
Domain
eqlplayground.io
URL
https://eqlplayground.io/70281/bundles/plugin/kibanaReact/1.0.0/kibanaReact.chunk.3.js

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| kbnBundlesLoader object| kbnCsp object| loadingMessage boolean| __kbnStrictCsp__ string| __kbnThemeTag__ object| __kbnPublicPath__ object| __kbnBundles__ function| __kbnSharedDeps_npm__ object| webpackJsonp_kbnSharedDeps_npm_ object| __kbnSharedDeps__ object| webpackJsonp_kbnSharedDeps_ function| clearImmediate function| setImmediate object| regeneratorRuntime function| jQuery function| $ object| MonacoEnvironment function| _ object| core_bundle_jsonpfunction object| ux_bundle_jsonpfunction object| maps_bundle_jsonpfunction object| unifiedSearch_bundle_jsonpfunction object| textBasedLanguages_bundle_jsonpfunction object| kibanaReact_bundle_jsonpfunction object| data_bundle_jsonpfunction object| inspector_bundle_jsonpfunction object| kibanaUtils_bundle_jsonpfunction object| observability_bundle_jsonpfunction object| spaces_bundle_jsonpfunction object| dataViews_bundle_jsonpfunction object| stackAlerts_bundle_jsonpfunction object| exploratoryView_bundle_jsonpfunction object| visualizations_bundle_jsonpfunction object| charts_bundle_jsonpfunction object| lens_bundle_jsonpfunction object| embeddable_bundle_jsonpfunction object| apm_bundle_jsonpfunction object| observabilityAIAssistant_bundle_jsonpfunction object| ml_bundle_jsonpfunction object| savedObjectsFinder_bundle_jsonpfunction object| savedObjectsManagement_bundle_jsonpfunction object| dashboard_bundle_jsonpfunction object| presentationUtil_bundle_jsonpfunction object| cases_bundle_jsonpfunction object| fleet_bundle_jsonpfunction object| logsShared_bundle_jsonpfunction object| advancedSettings_bundle_jsonpfunction object| imageEmbeddable_bundle_jsonpfunction object| eventAnnotationListing_bundle_jsonpfunction object| securitySolutionEss_bundle_jsonpfunction object| securitySolution_bundle_jsonpfunction object| lists_bundle_jsonpfunction object| aiAssistantManagementObservability_bundle_jsonpfunction object| logstash_bundle_jsonpfunction object| monitoring_bundle_jsonpfunction object| alerting_bundle_jsonpfunction object| upgradeAssistant_bundle_jsonpfunction object| infra_bundle_jsonpfunction object| controls_bundle_jsonpfunction object| licenseManagement_bundle_jsonpfunction object| telemetryManagementSection_bundle_jsonpfunction object| observabilityOnboarding_bundle_jsonpfunction object| profiling_bundle_jsonpfunction object| synthetics_bundle_jsonpfunction object| unifiedDocViewer_bundle_jsonpfunction object| indexLifecycleManagement_bundle_jsonpfunction object| indexManagement_bundle_jsonpfunction object| uptime_bundle_jsonpfunction object| enterpriseSearch_bundle_jsonpfunction object| observabilityLogExplorer_bundle_jsonpfunction object| dataVisualizer_bundle_jsonpfunction object| discoverEnhanced_bundle_jsonpfunction object| cloudDefend_bundle_jsonpfunction object| cloudSecurityPosture_bundle_jsonpfunction object| crossClusterReplication_bundle_jsonpfunction object| remoteClusters_bundle_jsonpfunction object| rollup_bundle_jsonpfunction object| logExplorer_bundle_jsonpfunction object| osquery_bundle_jsonpfunction object| canvas_bundle_jsonpfunction object| reporting_bundle_jsonpfunction object| discover_bundle_jsonpfunction object| links_bundle_jsonpfunction object| aiops_bundle_jsonpfunction object| metricsDataAccess_bundle_jsonpfunction object| observabilityShared_bundle_jsonpfunction object| threatIntelligence_bundle_jsonpfunction object| kubernetesSecurity_bundle_jsonpfunction object| sessionView_bundle_jsonpfunction object| timelines_bundle_jsonpfunction object| stackConnectors_bundle_jsonpfunction object| transform_bundle_jsonpfunction object| triggersActionsUi_bundle_jsonpfunction object| expressionXY_bundle_jsonpfunction object| eventAnnotation_bundle_jsonpfunction object| visTypeGauge_bundle_jsonpfunction object| visDefaultEditor_bundle_jsonpfunction object| expressionGauge_bundle_jsonpfunction object| expressionHeatmap_bundle_jsonpfunction object| expressionLegacyMetricVis_bundle_jsonpfunction object| expressionMetricVis_bundle_jsonpfunction object| visTypePie_bundle_jsonpfunction object| expressionPartitionVis_bundle_jsonpfunction object| expressionTagcloud_bundle_jsonpfunction object| inputControlVis_bundle_jsonpfunction object| visTypeHeatmap_bundle_jsonpfunction object| visTypeMarkdown_bundle_jsonpfunction object| expressions_bundle_jsonpfunction object| visTypeMetric_bundle_jsonpfunction object| visTypeTable_bundle_jsonpfunction object| share_bundle_jsonpfunction object| visTypeTagcloud_bundle_jsonpfunction object| visTypeTimelion_bundle_jsonpfunction object| visTypeTimeseries_bundle_jsonpfunction object| visTypeVega_bundle_jsonpfunction object| visTypeVislib_bundle_jsonpfunction object| visTypeXy_bundle_jsonpfunction object| watcher_bundle_jsonpfunction object| dataViewManagement_bundle_jsonpfunction object| kibanaOverview_bundle_jsonpfunction object| dataViewEditor_bundle_jsonpfunction object| dataViewFieldEditor_bundle_jsonpfunction object| ingestPipelines_bundle_jsonpfunction object| fileUpload_bundle_jsonpfunction object| expressionError_bundle_jsonpfunction object| expressionMetric_bundle_jsonpfunction object| expressionRepeatImage_bundle_jsonpfunction object| expressionRevealImage_bundle_jsonpfunction object| uiActionsEnhanced_bundle_jsonpfunction object| graph_bundle_jsonpfunction object| savedObjectsTagging_bundle_jsonpfunction object| console_bundle_jsonpfunction object| grokdebugger_bundle_jsonpfunction object| aiAssistantManagementSelection_bundle_jsonpfunction object| cloudDataMigration_bundle_jsonpfunction object| cloudChat_bundle_jsonpfunction object| cloudFullStory_bundle_jsonpfunction object| filesManagement_bundle_jsonpfunction object| snapshotRestore_bundle_jsonpfunction object| telemetry_bundle_jsonpfunction object| security_bundle_jsonpfunction object| management_bundle_jsonpfunction object| painlessLab_bundle_jsonpfunction object| searchprofiler_bundle_jsonpfunction object| home_bundle_jsonpfunction object| cloudExperiments_bundle_jsonpfunction object| customIntegrations_bundle_jsonpfunction object| mapsEms_bundle_jsonpfunction object| unifiedHistogram_bundle_jsonpfunction object| devTools_bundle_jsonpfunction object| elasticApm object| __kbnAnalytics object| ace object| d3 boolean| __@hello-pangea/dnd-disable-dev-warnings

0 Cookies

3 Console Messages

Source Level URL
Text
security error URL: https://eqlplayground.io/s/eqldemo/app/security/users/name/administrador/events?sourcerer=(default%3A(id%3Asecurity-solution-eqldemo%2CselectedPatterns%3A!(eqldemo%2C%27logs-endpoint.*-eqldemo%27%2C%27logs-network_traffic.*-eqldemo%27%2C%27logs-system.*-eqldemo%27%2C%27logs-windows.*-eqldemo%27%2Cmetricseqldemo)))&timerange=(global%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T07%3A00%3A00.000Z%27%2CfromStr%3Anow%2Fd%2Ckind%3Arelative%2Cto%3A%272024-09-05T06%3A59%3A59.999Z%27%2CtoStr%3Anow%2Fd))%2Ctimeline%3A(linkTo%3A!()%2Ctimerange%3A(from%3A%272024-09-04T00%3A00%3A01.067Z%27%2Ckind%3Aabsolute%2Cto%3A%272024-09-05T00%3A00%3A01.068Z%27)))&timeline=(activeTab%3Aquery%2CgraphEventId%3A%27%27%2CisOpen%3A!f)(Line 285)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'report-sample' 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE='), or a nonce ('nonce-...') is required to enable inline execution.
network error URL: https://eqlplayground.io/s/eqldemo/internal/uptime/index_status?from=now-7d&to=now
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://eqlplayground.io/s/eqldemo/internal/security/user_profile?dataPath=avatar%2CuserSettings
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'report-sample' 'self'; worker-src 'report-sample' 'self' blob:; style-src 'report-sample' 'self' 'unsafe-inline'; report-to violations-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade34e15ce8041d483d0a571d4543a15.apm.europe-west1.gcp.cloud.es.io
app.launchdarkly.com
eqlplayground.io
events.launchdarkly.com
feeds.elastic.co
telemetry.elastic.co
ade34e15ce8041d483d0a571d4543a15.apm.europe-west1.gcp.cloud.es.io
eqlplayground.io
104.18.25.94
151.101.130.217
2600:1901:0:2440::
2600:1901:0:fbf3::
2606:4700::6812:195e
3.221.38.139
34.95.113.255
35.195.130.253
023fee560cd5eae09253bebf2afda0f17ee849ad8a9f83741e06efc9517fd698
05453a780a20abedba88e8933096b559a7af9b740062ab5d14b2795b8ba77627
05907af2d4e489eaa10562be7e1c0230dd705dfd60316447c96c1af8f3a34090
0615a340cd178372128cca99fa4170ba9303f2dd46fd3c1ef3e0b7f354dcd183
069f27eb12200ee40a2fd4e8e3dbb756e0d6ef4c57b7dc44606d52e8c5878365
06b39d644a42573eb098987e5416a8bc3b94645922c397b365ead86e6626c720
08665faaae0320345cff8f9bd6d4ecc597189c0c3d72fa443ec067bc4d9ae0bb
08e1b31922514c516136f8c0b5d5ed5ac36f8546639cdc369401008591e12954
08e2c358ce13cb67f94ebb35b0f67c8763190a857c0db68da6eb196dfe9da46a
09364fa878536ed63520279e11ed171321011ebb8dab10909951fdb5597f2b34
0a213afb50c24e049fe209183110bc4748401c5f5b8e81ba8d7f99decee3d4df
0a4c90aee175ecf05932d67314b5edbfaf7e94b74aac6cff7987f5d36f20fd6f
0acc4dd3c34945769869a09b588437748217d5ca4e5ac13832ed26ad4023a69c
0af62c54eced199f8ca77914e00497e5ab6f1f81387dceb388d5e8ccd587c59d
0baff50a2a59ea98c58afe91e2c9f6ff463694da23f9730be37e7b44a12d999f
0cb89428f07b9cab469c59107769a59f39ab338287e08af2f721d8e80e25ddc5
0cc0bcc988d16c1aada4bff69609dcbc663be7cccee4942ea08a5ab4d842013e
0e8793777a88b313f9bb9fd36490f6fcc0ecfd65a36dc2f30b86efafdb1ec46f
0f74c5efbfd24ae9a0bd2c242af1b7cd0a4da7f60e319a36555fe05ce2cf03ca
0f921c8889733be266394c73acb043b198a44484bfb00f81dd441e1129856180
0fcc2d97c21f4e54e221f3a1604a35e1c6b0fbdef692ec914654580fe5309600
112ba6f9abac8104fdfaf624e0fc4376e79954ab8a515298e14d7623622d4127
11d6df0718dd8690641d8397f24a90a23a180071839525e19c33697d05f9f2c1
1252f73c4959ec1f853fcfcaa6f9167d12b0ac35fe84c99f340fbc0a7be882fe
1259d9b672e0b275e2d2678b7d85748c826d3ab084d3ebfdb5a311ec799c4fe6
127409f31f7df25437d8bb29ea47691fe04889498a1b6925dfaaa62bbbbfc370
1332e68a6d8766a1dfa6f7afec292d577acd004730076096aa26f4da843e4ab0
13524375c83cf34dbd6c5a092152c91c73bdb426fedfaf0b8bcf9ea3db8c5309
13ccdbf8226b1f3b5d68bb6b82d11245eb2012e71f73f4b378b519315724e313
14f2db6a0b389fc04aba782edc1c41887dab68290ceef4b4f9f06742f65c5e0a
1594e33a4a9201b36450b9c51d702b27bef09825876ee8c18a16f23be334c875
15d06ae32f5252ef1b1009b6ba06411e91da1458724e70810af2fd57ea7639b2
160f4ef3788e8b599e30ccc74b4b74f3a5a70a28fa68b6df0b582f741a7025bb
17d81931a899aa04437377498c075fec7d74d919671aed4a82201b91489dc362
181df961a1e7d2c04c2c0c5bbced64266401c3df4b615a9d5f3a72afe649c63a
18cda523c38f2f0839f264e9cb6449c40f9e09f920105df3fe105c30a4cc5be5
1b01ee170f5df481a1cd5931ca92df172315fcd3f3d927463681cd91ce9460ff
1b8b644a90913f673899aabe2bade453dd28700c82ebcdeff672ec62edeefed3
1c33d85a72c9bed3fc02bbafef9569d1167fdd969969cf629c1fb71bb24fda02
1ca2e94310f61fa5ae150b24bd9900e8a3fd729a0b898cc961a3dd7dc7d54a1c
1cb09cba3a77ba65094f0fa19904296d0730d34e7397a7a00018657cc8affb4d
1cb2234bfd23220cda84286e9a442805bd0abe73869328c34928358af12ae2d1
1da60d63b16007b2a4689066133c609a26d3ead7adfb9f111345a3bdbeb9192a
1de24012040ebbbebc61b8cd29e1db7ea8191baba8cffa1560d7389ff1f8bb4c
1ded7d1cbb8daf28e6b03da2e480228ab00a7620c3551ea983b072581803c68c
1e5bd66e5a6084ea586c377e9612394ae85d9406d17d335f24eb7988ad366a11
1f54ab22b538b162a7d903921163ce4beadd370ae906506954551a8737e533a8
204d0660faaea815bd1a57d14d5a7f2e07f7bb7b6fcabaa884438cea29beac9e
211ce10b3f6d7e00a970d625dadd01888ad1cd9956a9faf9e7d6afe3f7077bbc
220f8ee182a1c6eeccc6aaf2750491e472dd566831d08e4305aed6c9a9e94d3f
256da5c755a605d4823b4d52b2484f6836843ba4185a27e653145ef67def90e7
26618ab401a7526a3f02d1e5e4d5fa0f9e85d4bc7d0d7667f239b8d4979e08e3
266943b8b117bcd010a0fddd23a62e233c19d5b927ce12179f48035464f12582
26918b360865893350f31076541cd32c203526b7f587f046a844db21138f72f9
27ffa1ab1869248d3ccf59f8bf9a81ebe1e00c49fe4028eef63ce34123edb454
286498d14fabf8f9c328149254c6052f0294d1baa502d073fe657350b7b4f7f9
28c2a0296ac0bfed5722efdc746b4b832908f4ff3639084f8208df0c59e471b2
29418c75d0fd26395445bc7700217b89375c165909bb8d8ab0b62645bd9107cd
29795051c38e00795050b82316ade8a80cb2309f2a86994755c20c414316f012
29d23109fa47d8f3e0ca76e4aa22ab45633958971dcbcabcc40b334da2873cc3
2b6ae0193fe65771963724c08769e4a8e4288bf293550bf79423f937f8b73b4a
2b7f6d4212f05f03591c5c3fcf943f02f55e03aeef6238a04e64bb110d5f0ca9
2b93b8c39eac2b6bbfa16ef8f2c5e45208aecbee328067e63e377503ab2892d7
2e831abf6e703769191b2958dcf7a9b66f0390f23fa4dfa81bc67849771822be
2f5e5afa0d028d154b7669cc713e35e285e2d820473a9fbb4ce7a09a425db533
30e660f8bddbffb95a451aef140ed9f9ac1ab1b22268337ac547630c4337db2f
31ad56be62faf7e4ab054d7c2c2d97fb9c4178cb1b2313aca37bee558cbf7941
32aa3fd8e99f65095853b6998da342d7379088469a106ec105533ed22ebdb164
3327a0947eeb6f13e10746ce8666fa65ca22a8c1976f5f2c8ea244bd0f61e8d3
34213abb028e7f037598ddcd26e4722756565db7c8def55141e0fddb0cbc138a
349a56ec56afa6643e7a5faf900209c78aee39a5931191ace4a33feb94a7a2a3
351831420694db689708bd7188eb8322f81262c328b4c44cdbd482be4ea79899
362bf30b0257a8f7bb2a4c6d5c9574c7e5ac327bf49c1ee4920c8d482822426c
36fd8c86fdd15efa720910ee85e5121e28ed66a28e8ef58e2835be45fdcaf92f
37dc8759be28f9650cda759631d65a60f98e04511c1eebb10dafe9e230dc778b
37fecccb0eea1cb10ddb006259cc44e5fcde11f8ea844973d7ace75dd718b44c
38651c13385250d6c1352bb28edefd24d467a40f02905bd95db8b72ec7c45a2b
38aa9aca4ac8a30eb0075976172886b5b3b9f201c92342f1eb379843d235ba96
3abb7bc5b86d7d92af0c27bd6f1894fdad2cd130c45fd4d2925d38954e8e683d
3bc33c3a66271ba9a442c8d87a309dd0527b91ba5cbfde7017d2fb587c50f475
3e0523ec3ae2fd90e55a14993dda9e328ef0fb5048681191e5e938d51a755b4b
3e5a2860b47b1e30d171e3039f0a85b35f709b2e20ef9fe8b3f3767f4f7e6e9c
3fb14a16a2aa6e96aec1937518a2e8363c370b4315f1f2a5650018f4fb6376ce
4085b8e02d0ae5c03ce945fe3b5380dde312927eb9b407271ae78e45b4e2a30d
416679cd6f5773023ab7993fb88a2ceee7befa96f1c755504b06d5b9740d6658
4230d56e2d073c1d327bcc9ff910164f253a8cb014d91e848a3b01eb961ec0dc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
456ba73e4b42f3bee03e90a067e3bb50d95bbd546d38e7849070b22cd7fc4613
45990338b4570bac6f22c60ee0732b7ce0c417219cc9ed77a656929fb3ad1d97
45b35ded54d6c585e87a9a3616e444798765c77164c793f81ac8328c5982e2dd
45e5733c9b3d6e602ca19d05bbebf8ed95cbea5c214fa70ab8fab033ffc7e0ff
461175aa2f27278f687299d7f33980f85243a6d9ee0ab7874ab997e4c9142318
47854c45a5535d91a8adbf062eaf7a928001d632b1497130b6b5d19521946fb0
49ea5ca61783fa9fb26fd519a6738c86efcc61b407b2f6284ced0c40dfe5441b
4ad7786312e9785fc4e709d6514c000dccb865d5eb8c0eed906ed8bdf29b613e
4b1625a470fc4bb7d2ab493f315235b08dee1e1a261a2d124f5823d4ff976f63
4b4c5638ad4c00cdfb28a1d0a9321a562d041f9f51f27b417af7f428c67257e8
4b8a8629c5ec43d242b6757086f04525e7d9675e67379bdcc621c0a81f19651c
4c199e9533f380c31cca0df834319a83b0d4296a6da19b93ffde82d378ca3100
4d1b8a6ebf79909ab5308c5bfdb0d783b5dfda8e1491c00c4b7d4296f9bf7563
4e15c57e890513dd05f9ca04e955fa3d987d9b665b40720bcf5a2f31d6ad1ecf
4e171aacc7d894ed92e6b1b54fb557613ad7e266089d2d990be81a226dabfc7d
4ef412b51afa0e4ef95f954b681812a86404a1d6547930940bc7df73f85091b0
4f2a43dc08d7ad0348eb8d9ff873888e8065ff43cbd10fd48ad87703e3e40ddd
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
500db311d467fddd913d1883f0e6e5fa20a3828d3d5f09cc0418f6fb15cde32d
50761d87ef0dab9c2374ac2e2e0d80b9dbf67904320b02c3a3e697523411dfd3
5384b8766c02adeec0ee2f2a58b87ee84a3168f4ddaffdf0f1c49d947028627f
53ed2a498bc10eec5fd3a353a61f36c5c19456ee1c6716dae58ff71d30535f23
5439a2a389ecb58b9ed08042971cdaaaa8a48bf0cc2afffa4aa9f271d1fa7438
5599d1ee0dead5a175aab5adf068686b83edaa11ab576c9d0cce1fb6566294e3
569b18005297a489cc3ea1c4b716095c41271cfd5c55c7dfc1387ee1b158ada9
595e38ed6d910624dbe141bdcf0c9f426e6401137cb69e72efb1e34a19eea0a5
59ccc02588a571c2ac1e2ba6fa0c550a25a80b60bc8d21437c36337aeefab128
5a0968c4304673b5b63c497277ce0289b8b2a20f77dde2bcbb81e8faf6b53b5a
5a86265502c8fbf7ccf080671b5f533f1118e2767abe36781268ad930f0da628
5bb487c2bea3ecf66f7b29d38d1752d8a3285499caf2dd815a462aecba110afa
5d1385361cb23c487c2bd43b923ebc13a78a8542c1dab63d48d387bc2b82baa2
5debf03f5363c73b4763d054e26c509c91416dddca90977b55120f3f9c568f86
5dfacf9a586791bbb9e55542eb16164090980904b3d74d52bc925ae8882a0e70
5e3896bc13ec0efb00703240b8d7c380629cbf88fb7c562b460cf5e603dea6aa
5e888c22e2de877afbafccb3e51514d0a256868e03abe09d934d1bd2eb677ddb
5f610d27b4cb49b0196d2fe28a89a2ae8bdb44cb4497d32ca1b9d9db6d7e30bb
5fd9715032e59a1bc90a662f3c0198bea6f9f08fbf37af9072a874778fb8e384
619a131a9e8cb7e78ad69a0266e854ed048df3c4d0c9d534d670173c4458366e
63ef3dd0fbe48bce1a735eb8c6dd34e7184c964c21a14255fab548725b02616e
65e909d84ef5447d5de92a572e03a8a4a1108b08ac121b41bf8e302ab3eb9c82
665d45c1ac595201c14e25707ca2a8a6911b8a151c5552c3a3750a020a181d23
667c373fa577643b67a412ada56d84fb4916ff555640b61f0eabbffe135952c3
66e0698bc26d7174e5e9977751243bf1ebe67ba80b0624ebe33f21bcc684ea5b
680f50d0bc7d0b7c43116721f1565682c13713a22ecde98de6f7624f260931a5
696992d0e82983a8460d7366438ba0fdc1aac4960a58e61bdb362075f0d233e8
69fdf4efd379a49f2d06cd6d64f8e6f8fa8dd44cebc5d0f0c64e86bd10ae1c79
6a6cb26acdf2100e658807b573ad8e50979919000b5288bd802f835a6c08aaf8
6b78af21180a4ad7f241a7e938abb3ec6ba5a64248a633dd3601329835736868
6be58eaba7a53c5f1e8ac57a8ae050078a6de66c792ec52d960f80218a21966a
6c7d1bee66331b5d1abc2839c0cc5df067bfef371b0fdccdbe69033620f976b4
6c8bbde79ffeee8550260b8a7eb939299af41c9c8e710e3b06bb93d4a03bd81d
6d1ff79e4137c00c98a09295229c3e89d9c55e7b27481473ee0191a1c149dbc4
6f3d27252b78fde2ee80e133af4e60fcc6d149ee9f3f8e254ee95d34f9c8e9bb
6fe174e0461d61227d3e814f2025d00251704328f13d2a36939484c0251901a3
6fe1ce0bde96c66c2dbdcab3383723c21b13052d462cc50a32ecf0d73e5418a5
70061e3263d04f3333568671836b464bd1ef31c73ac0de1bedd049079f4b925a
70f986086d9886d1bb75a80025942d9f333768c56e5ddc42c66b0076edea1eb3
714f10b62b4234d408a0b8cc0ec920e9cbb8a74105e461f1f4501dd14de4b9ad
71e8c29a841cca108851b79eaa570b18c4f0b7e283347aa368179f75946a66e7
727e33a69c6addde047e6a89878f8207d431706fa95df8c058768f34fc4626e2
74640ff3b9b8b0ee46b0cb52a645572a4b3893a4ec6d22d44c75c59345283472
746b85555b158d420546175fbf19d11f0699d7bac37123bfc0cfcc25ba0c4e0d
74a7a3dfd20c1079e21defdb48de78c053be7fc636bcab2b0c5e9f972665707a
74d4e00a5bb0f1edf10a580548630880d5855e703b3b8d6fc1fce7030f887491
74f2b9f4c3caece4e4f5f67ccdcc2338b0930fc0ed75a2dd3be6b680d9b0a32a
755b4904310998127d56802834cc3f39936894462c5544a9a2d2119ca553481e
75aad33e59c9e828be19c182d817a1444a6db38d6e08713c771c2b3e4d3a2a2b
77605f1d7151a5ade48dd756ef0d8104e3e1f3dba8496c9778a349aa2d4b1d0d
779203f8aa848fd035e7a08da0ac53c8d2623f6726a05f1a421fc625d2eb89c9
7824a9014117f15dfa90a4a1c4082b3c52eb3cb0aa9da3dcf627ff2886e039b4
78e434740b036858f04959f69c5faece56a6efa417391ecd0d55cf42d579ab0c
7977326224b9e3f624d11dc2ef56f89f793a01363fbb7f4f8f7f99b2d3e101a8
7a3cc73f3af02007ccf51ffc5c8c70ce38592d45dc77f99ff116436b3922fa2c
7a6304c2fb6c642c42352fbbae983e89a5fe089570bfba686209a41be89235e8
7aaf3bdfb7b01ea8994710ab129281e353acf97379ae45a887715a7fa1b45950
7aceafb15cd676cec1f95bb46e7e1dfe77be8004fb48e044223f590cc35b0452
7d6f7bc278fd17217862546829f734609211771a4de5e081d8af0f4904a8e4c6
7dc3ec784c24ae2b244aa16bc3805fd02fd273a32250ce52a60993898e555470
7e4309df24358ec9d445ed8ed55f05af68e1c37511b18377ec8acb65fd6c2cf5
7f3aa95513da19c77fda3c493b2e93e95855610f153735c0ecc864170f4a5a25
80085448e17ab1d995a3e34c11019b5a41d0e02461905601b13c58e82eb07262
80498991afb4cb6ef0ac1cbae8e58886d8aab425bf8d078583ddf7823672f698
82d555c7de470bdf5d732957eed34b9626ed833a97cef580cf9d983b0e8992a9
8307c85c52ad711d5a5279e2f97c72d550a70472a79a4a49458e43657a0046ad
83d8daee48fd4f9d60816968de4e52c66cbe88452ab9a1b4606d8897fdd821d3
85410f1632ee30f4158be8acf623d27640a88c7965195b42820332e9fac548bf
855f59eecbff1bfbbd7c16282ac127f2c204816c97097c0b6adc1ec0634a81c4
8749fc85dc754cd0c3fcc1ea6ead019af02d10936f53c8f9e9f84f276a0daeba
87fd570d0ec732ebbd19fb1c1bd9e769d3cd7efebf6d64f4c9e3846c0a59da5f
88cc35d98d30be291054c55d6cf37d19ec22a80cfda2595a6cb37b02f567aee7
88d1736b57562dc008aa8bfcf33c4a365b2995f36014a10af6f12dd73958ef74
8aad6793500a3c3adca39531caabb56ac6e6eb42d18aff90a96d6630b78e921d
8b000bcb03a218d17601a73db52242ef0dc1ce5e3b26adcab830562dd88e4829
8b5d5f6b29f871f22382998bd4f7bdac1b97d9e639cb43b07e955152151eef15
8b6ef47a8490b08ad1b278e9bb909e7bbed6603b84136eea36739efde1765fe5
8d3189d07906e8589cf16b1429b003e65b822545546440d5a2d9062fcc5526b1
8d8bd2fb5880363a4c2536fc07b39051068af1cd71ad84c34478634748161610
8e0d00aa21ae78f12d140635035f23a6f699d189b47e053ebb67218127f80d37
8e1d10dc960c3a1a5df850fb0ca8177c63a9791b3e6fcd4bf81b0dd8f7804ad1
912b4d7661d80d23cb8a2645f4890620d7b1fd8e80ab192a038ed71eb2a05d55
91c42647e0ac8abca234e6d5ae5f11cff97bf4970bffbe3226ab6e7cb6a70c27
9301d2d5c3d4d84d56ca5947d923f6f305b19720b552019729c09a7e652791ed
93da2e1c4f28a7ff9c709d238fc05dc92b6cc6760afaac6e132e96b16292fe9f
940bb37199a5fa5a5026ba3686f94b0d53ec35a147e68a4fe9b429553b83d3f3
94bdcd2852a704c7d71feda9722e555f0f70c32bbf5346845340797ac75cfb35
9500f4d8d7c71a15b3b389dd6b9b9f017ef64f3effd808a7a3993eb6dd310bb9
97219d6f6aacbb93755731bda61ed712d13cd9b7ab705816a844201f21960073
99ae755a56cfd11ef3274d04dace64511943a652a46444fb03ccece0ef41ace7
99f21391431190970ba8deb49f63790306acc0347afae3a4803e7368ce69d4b4
9b49e3915e9d7aecc0659b23b8ce4062dcc5e33666aaeb9ad1539d642c8871db
9be0e14c2e205ccf22bd336e59af1308c0dd60d4665977bdce65a6e1fec89cad
9c562e371dcde1a69e4f6698fe5b2d1725076cecfdaef62cb9bab8d7e6aee2da
9c5f199f5f9d70c34cc31b6027131a7f84724326665bb1354a96d6634a53bec2
9cb8e1c71e4b1b8a5108403b9867d9a5917b29b3920683c1101b42d29ebf7643
9da5dfcaffe786e30ec5ce1202909dbefc42f414ae51ba6da299deb8a5eb80ca
9e6cacdd1bcdd187c025d2934de613255c28b1fb605daea7e60505726d5a76a7
9ec856834c661bd04ac34ca29fc3e6667992e8e93589ace69e54532df9f305eb
a0a6b578616fcfd3760225750cd2d474cc737fc38987296097ca9a67db2a6eb5
a23c6749aca7b345bc4710f47b2ff98abacd1f0d4fe682ea877f95c8a17c721f
a26bbb4dbe026dd7a80d55d1e4e40cba950404e73807886fa9f8213bc0b6addd
a33ed98cba079829b4ad1787d434e66f52df110df92abab1e3f5a0d0699ae0c1
a406fa4637f0180006b1d2c52d00e02984d2a017dfc4a2a0834c0495143a77c5
a461bf3b3afc597e77acf6da7bb61b6da4813054d54510cde97310464e0ebf66
a47befc126621a6156a7e1395608e5829f2de24a926b37a634277d1bb016e582
a4b156d96adfa128c8c09e03c2e5d188366dc31111c4d8350090921b23de4cc2
a51a8c21fad9d85a414fe9d6b104ff945507e56eab1419d4da1a293a512c1ef9
a56eec5bf15377851d596a04ab4eb37bf7214f570a2fd2acfd5d6235be580ac1
a5f156ef890a11a7267c257cb9665557e044e8f10f29877ae457be401ff1d7fb
a5f2de0e18411f08c2b28641d5bdb88b4a8e193337eea3012170cc2b8a5aeec7
a65dde7e9e4ae0947c8e1f6bf293ead5d71bb10aca162775858916e1064048b7
a68f161e36ad8f046a0d1b61bc584afc0b47474f427a70c09db9fa63fc51e3bd
a7c8fb0ec392cde249feda6dd32298affe4aa97e71025168fbd9038c51f9515a
a9b37da99d21a4a282dbbd819fe6a39b30d822632d2558447efbc90db54d5c3f
abe7632505c3750a07df401d72408becfd6477e4409909cac9cc3e1528abae55
ac053f5510f63c938cd6aa10144326e2f6b471b315523f2e5fa7e09ce6b869c2
ac87e2701b5d92e7b37e245a67ef7ee2e738d940f3e0b08c006c3f0a2bed9f01
ac912bc1f8ab0b3e748567af402db276db426e70b791ebafa43897e5cfd4dab0
acde3d1b3acf9882d24ab27154153f9c494d7acca898628d994f9307482d5ef7
ad86bab9db61b5e20b60f071b90244fee09116f0a055f054c79992e6696c0794
ae607251f0c14e5e46b20e168d13cf21e579a09fc38030d85120cc3ad1e6e87d
b01dd5f6c0f0f62eac9fda3ed004915e157dd149b70c9593a5526489dc956c92
b0de77a615e625ecf85833383837bba949d2847468697f8dcd2a78190cc5d0af
b1579363bef6ab43bcb9a3813d236b9a5454599858bd5aabd7a071bfc3321c80
b1b277f61b52dd20252f9adc5a2164b7f4a4b8bf71d4572133582e74bdbb41f2
b21865abf458193485f12d2913c802c4280fbc519d2dcffedb371826c80a49d8
b2c588661a74647ec613e9bdb02049c9fd39d34f31618b5bf5198d289eb75fdd
b2ea8a5c23d66bf4228fdbd816cac377e460a2a3c94d1243a078d896c4e8a939
b32f98bd44520a3627f05e1831b6b3fd44256e82e4bda39a157606cceed0837b
b55caf6e401dc8715b67ad4be405fa2eb83347919f221d79eb970cd76f192074
b695731d3bc96b49f08b6bb0ac60d21c3160239c1d090760a2628423a421ef21
b697c86c69bd64f59aa08566987a131e81767b996419e68a7cc567bbe9f10877
b7249397f61c6fd6ac63144a8e8c7965afb0114512c7f87c0305a4ceec907681
b814b4a758bfb9de763e3cfd7e46413da3abe35ae64509a3b6ead4dcb311961b
baf22d9086aa494fdf542569027723980a8f9d68540196472df15526b60c7cfc
bb9551e8bb250d36cedb0acb595a39d77f4878d2f902368c21af5d08a990c47c
bbe99b8b7bd4a74aade8d147670b7ddac6d40a01aa268ba1e5106f030ecf31af
bc0b39f9a6ad21c5a17ca5cabafd664306134de0f3cb1cc31160ded7e72b7099
bd90dcc72996fbe8865aec097c097fa913abe2ba9ba2bca4ce0c628c4f6f2766
bde784780a91d33f82b2a426586f79269844d8dd5dd09c0ac87060e785bf7d96
bed72259a8e25611bfdcd02ae7534bab339f607cbce3b989614fb32a5fb95738
c08035866cc37ecbc2fc03b0be54468aa734cb84d04dea2f616baefece6b2f20
c12eadfa3d39c0f52315fbb9e2fdadffc44a5bcc968d9935cac52b4ee58d8ae3
c13b25b5ed44010a76149e2cacf578596f14698349bf3c2144f3dc682b70e1d9
c15232582eb44953c7ff0fc3455123ac4aaf0aaf81b4e0628a497397bad967e5
c181f75be1dd99c36182e982893c29d81556198112c0db49e01acffad0007b1c
c1fc76e94b27160a65377c62e62a9f58715c2be8a165f8c227c160ff6eb43933
c2f97efea0bc540f3c4b81af5e7b32fb940a39f13eee6e63d91a0792d8798f33
c5dbe1b4d053d25d65326547b2a49dbd6d7d4da4f2b172a9f01afd5d4379e0a1
c5f0ad4cc366d5243b41db8fe7f6e3ec3630eab59461ef03c1a6afb1ca687d05
c69141d4248a01ca9f0d542d57317104930b8a33431c830c7eb405145fde9423
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca9152eddde055ee8bfc430cd1d1f3c4e55882bd84e6d2c90d537af7602a74fb
cb1de40fb556edfdfbfe90a8fbf1ee96e76d29a2f544f759a4b050cb8afc221d
cbd5ed5ee0f4e1ef07a998d2f607e91b57acb7a61bcf495df8f457603fb94995
cbe9ff150e0718f8f2185df9b6894b3a93b071ddf857397c79b427131faf8b59
cd545a4e31faab8456fddc9b2d2cc3aed2133fb2222e6b6752f4168fdaf09443
cda492a80b4106ca2560136ded4057d3a5d7d29bc4d2d0880a1d21aa87c9529d
cf027a24f5ed0449b8ccd1082edfca63e1ccbc0fe87f2b990d0f1beb7db2ad74
cff06f9ca96ca52dcfe9493665869d5f8c2916a8b1e6bc59e511690683785170
d03a924ced5ad18c7301cf92ae384c77271d39fdb12c48f246072d292f429e65
d07fc264340fa7982d59b8a9ca684c374652a564fe8fd5985a5f51e068ceebcc
d10b605ac4fc080cdff031f2c2287c30f19342a7f7656efbe427b5574cd1d6fb
d10f9a9e775d0412612b9edf89b4a688d69130a390319881cfb2b732cf3877fd
d1cb699afdda38d394a8df0442ae37efe0496ddbddf3775d4282ff0571066454
d24ffb86db0327a7df37a1e3813b719e0d7b142dcf29bac691e4fff05b62f1e2
d2f5a359d980e90609de9d7de50e9b5745f7b1bbb8cc0bb3557061ac9569a9d0
d3f2afd2091b484caf8d7c5ab754f1a764a17d25ffaf1803c03b646c953d7c00
d4307ec127b5fa220474c070f257a557597b8c0003f0c2a2227c35c53944f80c
d5a91eb1b863ca7543716e4782113a07504de66ece767eda455a33c344cbfefa
d5fb551da13b927f20a6da352c2c43963a92cebd9b03cb07a4ea6cf71d864ecf
d635d2ae46dce5067e8791b7b369b21ad09d5850c768cab58d43c4999728701e
d6c1174199dd0d934bf73d9d63f30eb4198938a72bc6a205ee775f250bf8dcb9
d6e155e29b9032e43cf80e62882e1da89a48090a6cd472352193695795621856
da55331c1ee51f2bd9c2c121fabedbd197ffe5588fcb9318a1318ff6f8d8be83
dc547acf9bc0f52b495bfb3b6e4f2c901b9211d61e02ff2e419761359d885d35
ddf38a991bf7f3bb88890d6a17a28020ed24ec3b8308c89c549e7c2fca632f83
ddfa078eb50585bb321c8ccdc44dff77cc1e20dbb73afd0f31dfd1154f659308
ddff7569e6de75efa8ab1134f46b7049ba4b380763212235eaf33ab42bfb0dc7
de3596ed2b319839d0ec399b8770743a37778e797b08b9c7ea4a81924050934f
de84d9c0b69cc00d6c8ceb57c1595f160dc94c691e737d879bf8603183ae609e
ded2188dc7b70d8e9bfba42c2c87a8f2abe69988abb016d3b91f0851a14def47
deef2130fceed4eaa8c822ff2e0b8606786414c9ce8c80f12b92a59dc476f547
e083a11ef8e913bc07da1d6fbc12128c1e23482391710ebe256b4ba8cc3afd2c
e2ff2ab77264422bbe0fd131f1e3ae269a946f5784d0f913e91afbb63de6f5fd
e376fb2a568f05faa84f6f7b19f4e0e0e3b36a3a34c7fbf1acdd98175e6347b9
e3918eba87f5a3128891e05d43cdb70145b615d3c0ebe10f1ee2a7138379f8e9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4698ce535a3e917356e3da55e413fdde9355c0979817b70f97b76bb6003a9a9
e4b738c0a60d797eb89de3ca1584c72523bd01c4ecab38b18477f16c0166b48e
e653ce2ec816379e49e92ba251411570660dbbdd011f9fb41a10aeda75f873ae
e6aaa952f390e701fdcf84c2c7e05d693aa13837988fd8abc764002c3632b78d
e7e11dd15566b2c3e18d745873914a75180ce12b13dcf93a6b7d894fa4277978
e827369c2afd7c44ba11855450f2c4d845505e20b74e0399b5c50fa1250bbfab
e8c823bd6b045f990253a0776ac514e0d96af16da91d44d419adef57c5584ff5
e98df749f2d03031906660d5c181a4f0e42c4e1baf0b1cd2f3cbdeb90abd72c6
e99623fbbb7235a50893569d3fdf39d8fe6237c7f3c8d89cd81fd67631173e2f
eb5a2ee5b8d43f1fc05c4c027af96d0a9c71354376612be2e05474c838a89ae6
eb71c9f79118190478e3de3ee6927875ab085538071ff68f02d876083db9e112
eba006649b30e6cffcfc365b5332ef95617423ee67eb921d7c10fe06a162cb02
ec909461fe6a0b50f4b73e0b2bd5503c820452d9e14d1e7ac980ad5cf75ec243
eca894a778e286ef0a3bee56ad0b6147a2b2a60b0b0eb888006e7b704a8c657c
ed503bac7f58c42b921d874780a476e1c7d32be64cc3fa6cbef2f2bb27741f27
eef46741adfc3a9f76294d3b78f37a45f113092ac9d44ee77c7a038a88ff09a1
f006bbd60894452b80c7d19e1c832d1e30f457540dc5e52e567bc1ffe522615d
f1bb89110f2207b930b53b744982bda0a4fbbbe1f19c5e67023687bd4a2aac69
f2454d8c864cbb414edd88d650d02ebcd71fc8acb61e6239bc100a20bbb8f335
f25daf572249c5cf3bc17889ee5e72c5c2b02f4fad81fe306ba58fbbe5879caf
f3432682c406cbed08c3b642985d76116794659e190dbc8656a91fb1c84a46ff
f38a26152582de97537ac032529942f798206f326689e95c0b741066cabdcc22
f3b6f660f3444573d21cf8c2e995b77db5e70173d398a26fb6e3a5236e2b8e0c
f45457caf1f02633c29f0e9d6f255c938155f00eacce239dbc6f543ff4541b31
f46cbf39f8a7703f81d58a70eadf2ef5a4d660d7fcaf7f8aa5c49b9959886acb
f47eedb7a51b864e44064c1dd430500ad7d59df14d3cfaca60aee128bd4c8902
f49034ea9d1410671911440c098b67d8f85bf927a6119a8c19ed0bb1d47130af
f53dbec5859ab3323774cf3f2be838d22f8b1a811084ce2a473f9ba078b066e8
f56256f0edb8c550ff8f17b2b37e7206cb966c6eef5b3ece0e5e2e9aa8c56eb3
f5bfe1ea7b7c2e42789e6c881b7ab5d40e1c6915f525f69d530f7110feece269
f6d7de62b9a4b19b696ba5802fede9609b73954a20857a72520c200d63584da6
f6ea1f67a28b5d4ee050905dcd45f2d1c6009bb749812ac46ee24c047d109428
f8c905d68d49b8e30cc969f944ac3be118370286bfa1f01d2faab7bd2a0732c6
fbfb0460a1f65dd849a93cfa71682a5f227551417edbd730b0e9ea9fcc1318c3
fe5a4be20353cbd2670f9578f6256dafb3d14b15a049be907173ceeb9470213e
fe7b876be642d122ae75ba893f33b6923c0f65b0f6d26c7b3e3dc100afe9535d