www.elastic.co Open in urlscan Pro
2a04:4e42::729 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html
Submission: On December 23 via api (December 23rd 2024, 5:32:01 am UTC) from BY — Scanned from US

Summary HTTP 148 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 58 IPs in 3 countries across 36 domains to perform 148 HTTP transactions. The main IP is 2a04:4e42::729, located in United States and belongs to FASTLY, US. The main domain is www.elastic.co. The Cisco Umbrella rank of the primary domain is 144397.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q1 on March 6th 2024. Valid for: a year.

This is the only time www.elastic.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6812:4239	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2607:f8b0:400... 2607:f8b0:400d:c09::61	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:27b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.152.14 172.64.152.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.85.132.99 52.85.132.99	16509 (AMAZON-02) (AMAZON-02)
18	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:4139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
6	2607:f8b0:400... 2607:f8b0:400d:c01::66	15169 (GOOGLE) (GOOGLE)
2	2400:52e0:1a0... 2400:52e0:1a00::1206:2	200325 (BunnyCDN ...) (BunnyCDN BUNNYWAY)
4	2607:f8b0:400... 2607:f8b0:4004:c09::71	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:400d:c09::9b	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c19::9b	15169 (GOOGLE) (GOOGLE)
2	2400:52e0:1a0... 2400:52e0:1a00::1207:2	200325 (BunnyCDN ...) (BunnyCDN BUNNYWAY)
3	34.49.241.189 34.49.241.189	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2607:f8b0:400... 2607:f8b0:400d:c01::63	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.44.157 151.101.44.157	54113 (FASTLY) (FASTLY)
2	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
2	2600:1408:c40... 2600:1408:c400:5::17c7:3716	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.160.10.76 18.160.10.76	16509 (AMAZON-02) (AMAZON-02)
2	18.160.10.85 18.160.10.85	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	3.167.72.96 3.167.72.96	16509 (AMAZON-02) (AMAZON-02)
1 2	68.67.179.164 68.67.179.164	29990 (ASN-APPNEX) (ASN-APPNEX)
2	23.13.172.203 23.13.172.203	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.13.165.166 23.13.165.166	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.117.162.98 34.117.162.98	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6812:1247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	76.76.21.93 76.76.21.93	16509 (AMAZON-02) (AMAZON-02)
1	162.159.152.17 162.159.152.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
1	172.66.0.227 172.66.0.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	99.84.188.59 99.84.188.59	16509 (AMAZON-02) (AMAZON-02)
2	108.138.85.68 108.138.85.68	16509 (AMAZON-02) (AMAZON-02)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2600:1901:1:7... 2600:1901:1:7c5::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	134.213.193.62 134.213.193.62	15395 (RACKSPACE...) (RACKSPACE-LON Rackspace Ltd.)
1	2600:9000:200... 2600:9000:2009:b400:1d:8d6d:3b40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	3.234.118.14 3.234.118.14	14618 (AMAZON-AES) (AMAZON-AES)
8 11	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c00::9c	15169 (GOOGLE) (GOOGLE)
3	3.33.216.52 3.33.216.52	16509 (AMAZON-02) (AMAZON-02)
1 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	35.176.252.208 35.176.252.208	16509 (AMAZON-02) (AMAZON-02)
1	18.160.18.33 18.160.18.33	16509 (AMAZON-02) (AMAZON-02)
2	3.167.99.57 3.167.99.57	16509 (AMAZON-02) (AMAZON-02)
1	3.167.99.51 3.167.99.51	16509 (AMAZON-02) (AMAZON-02)
148	58

19 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

www.elastic.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:4239 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:400d:c09::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:27b8 (United States)

ASN13335 (CLOUDFLARENET, US)

tapi.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.14 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn3.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.132.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-99.iad50.r.cloudfront.net

api.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

static-www.elastic.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:4139 (United States)

ASN13335 (CLOUDFLARENET, US)

a18132920325.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

images.contentstack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:400d:c01::66 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1a00::1206:2 (Chicago, United States)

ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI)

cdn.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c09::71 (Washington, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c09::9b (Morganton, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c19::9b (Washington, United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1a00::1207:2 (Chicago, United States)

ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI)

cs.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idb.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.49.241.189 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 189.241.49.34.bc.googleusercontent.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c01::63 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.44.157 (San Francisco, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:c400:5::17c7:3716 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.10.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-76.iad12.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.160.10.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-85.iad12.r.cloudfront.net

lift-ai-js.marketlinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.167.72.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-72-96.iad61.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.164 (North Bergen, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.13.172.203 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-13-172-203.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.13.165.166 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-13-165-166.deploy.static.akamaitechnologies.com

sjrtp2-cdn.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.162.98 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.162.117.34.bc.googleusercontent.com

pixel.byspotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1247 (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.76.21.93 (Walnut, United States)

ASN16509 (AMAZON-02, US)

sdk.userledclient.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.152.17 (None, )

ASN13335 (CLOUDFLARENET, US)

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

pixel-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.188.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-188-59.iad89.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.85.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-68.iad12.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:1:7c5:: (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

pixels.spotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.213.193.62 (United Kingdom)

ASN15395 (RACKSPACE-LON Rackspace Ltd., GB)

813-mam-392.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2009:b400:1d:8d6d:3b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.234.118.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-118-14.compute-1.amazonaws.com

visitor-scoring-new.marketlinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2620:1ec:21::14 (United States) 8 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c00::9c (Morganton, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.216.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: a500536a719cdf47c.awsglobalaccelerator.com

identity.userled.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.176.252.208 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-252-208.eu-west-2.compute.amazonaws.com

api.userled.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.18.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-33.iad12.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.167.99.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-99-57.iad55.r.cloudfront.net

rc-sc.js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.167.99.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-99-51.iad55.r.cloudfront.net

rc-sc.js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	elastic.co www.elastic.co — Cisco Umbrella Rank: 144397 static-www.elastic.co — Cisco Umbrella Rank: 243323	2 MB
13	linkedin.com 8 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 333 www.linkedin.com — Cisco Umbrella Rank: 676 px4.ads.linkedin.com — Cisco Umbrella Rank: 7032	7 KB
8	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2093 rs.fullstory.com — Cisco Umbrella Rank: 2203	99 KB
8	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 1024 tapi.optimizely.com — Cisco Umbrella Rank: 18401 cdn3.optimizely.com — Cisco Umbrella Rank: 4684 a18132920325.cdn.optimizely.com — Cisco Umbrella Rank: 283656 logx.optimizely.com — Cisco Umbrella Rank: 1766	408 KB
7	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	3 KB
7	google.com analytics.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 3	64 B
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	633 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
5	userled.io identity.userled.io api.userled.io — Cisco Umbrella Rank: 598834	62 KB
4	driftt.com js.driftt.com — Cisco Umbrella Rank: 7118 rc-sc.js.driftt.com — Cisco Umbrella Rank: 67568 site-concierge.driftt.com Failed	68 KB
4	company-target.com s.company-target.com — Cisco Umbrella Rank: 1549 segments.company-target.com — Cisco Umbrella Rank: 1655 api.company-target.com — Cisco Umbrella Rank: 4358	2 KB
4	userledclient.io sdk.userledclient.io — Cisco Umbrella Rank: 518574	25 KB
4	marketlinc.com lift-ai-js.marketlinc.com — Cisco Umbrella Rank: 56991 visitor-scoring-new.marketlinc.com — Cisco Umbrella Rank: 59116	13 KB
4	iubenda.com cdn.iubenda.com — Cisco Umbrella Rank: 16026 cs.iubenda.com — Cisco Umbrella Rank: 17999 idb.iubenda.com — Cisco Umbrella Rank: 19082	72 KB
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 27058 ibc-flow.techtarget.com — Cisco Umbrella Rank: 24542	2 KB
3	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1531 insight.adsrvr.org — Cisco Umbrella Rank: 960 match.adsrvr.org — Cisco Umbrella Rank: 377	7 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 359	15 KB
3	demandbase.com api.demandbase.com — Cisco Umbrella Rank: 12226 tag.demandbase.com — Cisco Umbrella Rank: 6210 tag-logger.demandbase.com — Cisco Umbrella Rank: 5387	19 KB
2	spotify.com pixels.spotify.com — Cisco Umbrella Rank: 3212	271 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	212 B
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 854	771 B
2	reddit.com pixel-config.reddit.com — Cisco Umbrella Rank: 2010 alb.reddit.com — Cisco Umbrella Rank: 1418	761 B
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3671	7 KB
2	adnxs.com 1 redirects secure.adnxs.com — Cisco Umbrella Rank: 495	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	75 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 831	22 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1095	13 KB
1	mktoresp.com 813-mam-392.mktoresp.com — Cisco Umbrella Rank: 266142	482 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 991	724 B
1	t.co t.co — Cisco Umbrella Rank: 904	629 B
1	byspotify.com pixel.byspotify.com — Cisco Umbrella Rank: 6998	24 KB
1	marketo.com sjrtp2-cdn.marketo.com — Cisco Umbrella Rank: 49633	416 B
1	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2604	245 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1016	16 KB
1	quora.com a.quora.com Failed q.quora.com — Cisco Umbrella Rank: 5280	285 B
1	contentstack.io images.contentstack.io — Cisco Umbrella Rank: 12797	8 KB
148	36

	Domain	Requested by
19	www.elastic.co	www.elastic.co
18	static-www.elastic.co	www.elastic.co
9	px.ads.linkedin.com	6 redirects snap.licdn.com
7	www.googletagmanager.com	www.elastic.co www.googletagmanager.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.elastic.co
4	rs.fullstory.com	edge.fullstory.com
4	sdk.userledclient.io	www.googletagmanager.com www.elastic.co sdk.userledclient.io
4	edge.fullstory.com	www.elastic.co edge.fullstory.com rs.fullstory.com
4	analytics.google.com	www.googletagmanager.com www.elastic.co
3	rc-sc.js.driftt.com	js.driftt.com
3	identity.userled.io	sdk.userledclient.io identity.userled.io
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.elastic.co
3	www.google.com	www.googletagmanager.com www.elastic.co
3	logx.optimizely.com	cdn.optimizely.com
3	td.doubleclick.net	www.googletagmanager.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	api.userled.io	www.elastic.co
2	px4.ads.linkedin.com	www.elastic.co
2	www.linkedin.com	2 redirects
2	visitor-scoring-new.marketlinc.com	lift-ai-js.marketlinc.com
2	pixels.spotify.com	www.elastic.co
2	www.facebook.com	www.elastic.co
2	ibc-flow.techtarget.com	trk.techtarget.com
2	api.company-target.com	tag.demandbase.com www.elastic.co
2	id.rlcdn.com	2 redirects
2	munchkin.marketo.net	www.elastic.co munchkin.marketo.net
2	secure.adnxs.com	1 redirects www.elastic.co
2	connect.facebook.net	www.elastic.co connect.facebook.net
2	lift-ai-js.marketlinc.com	www.elastic.co lift-ai-js.marketlinc.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	www.redditstatic.com	www.googletagmanager.com www.redditstatic.com
2	cdn.iubenda.com	www.googletagmanager.com cdn.iubenda.com
2	cdn.optimizely.com	www.elastic.co
1	js.driftt.com	www.elastic.co
1	match.adsrvr.org	js.adsrvr.org
1	insight.adsrvr.org	1 redirects
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	tag-logger.demandbase.com	tag.demandbase.com
1	813-mam-392.mktoresp.com	munchkin.marketo.net
1	segments.company-target.com	www.elastic.co
1	s.company-target.com	tag.demandbase.com
1	analytics.twitter.com	www.elastic.co
1	t.co	www.elastic.co
1	alb.reddit.com	www.elastic.co
1	pixel-config.reddit.com	www.redditstatic.com
1	idb.iubenda.com	cdn.iubenda.com
1	q.quora.com	www.elastic.co
1	trk.techtarget.com	www.elastic.co
1	pixel.byspotify.com	www.elastic.co
1	sjrtp2-cdn.marketo.com	www.elastic.co
1	js.adsrvr.org	www.googletagmanager.com
1	tag.demandbase.com	www.elastic.co
1	script.crazyegg.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	cs.iubenda.com	cdn.iubenda.com
1	images.contentstack.io	www.elastic.co
1	a18132920325.cdn.optimizely.com	cdn.optimizely.com
1	api.demandbase.com	cdn.optimizely.com
1	cdn3.optimizely.com	cdn.optimizely.com
1	tapi.optimizely.com	cdn.optimizely.com
0	site-concierge.driftt.com Failed	rc-sc.js.driftt.com
0	a.quora.com Failed	www.googletagmanager.com
148	62

This site contains links to these domains. Also see Links.

Domain
cloud.elastic.co
partners.elastic.co
discuss.elastic.co
github.com
www.mdsec.co.uk
learn.microsoft.com
attack.mitre.org
www.linkedin.com
www.youtube.com
www.facebook.com
www.twitter.com
jobs.elastic.co
login.elastic.co
secure.ethicspoint.com
ir.elastic.co
www.apache.org

Subject Issuer	Validity	Valid
www.elastic.co GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-06` - `2025-04-07`	a year	crt.sh
cdn.optimizely.com WE1	`2024-12-19` - `2025-03-19`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
tapi.optimizely.com WE1	`2024-12-15` - `2025-03-15`	3 months	crt.sh
cdn3.optimizely.com WE1	`2024-12-08` - `2025-03-08`	3 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2024-08-13` - `2025-09-14`	a year	crt.sh
static-www.elastic.co GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-06` - `2025-04-07`	a year	crt.sh
*.contentstack.io Gandi RSA Domain Validation Secure Server CA 3	`2024-04-10` - `2025-05-04`	a year	crt.sh
*.iubenda.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-01` - `2025-03-03`	a year	crt.sh
*.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
logx.optimizely.com WR3	`2024-11-13` - `2025-02-11`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 08	`2024-12-15` - `2025-06-13`	6 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-06` - `2025-04-03`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2024-12-02` - `2025-12-01`	a year	crt.sh
script.crazyegg.com E5	`2024-11-27` - `2025-02-25`	3 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2024-08-27` - `2025-09-28`	a year	crt.sh
*.marketlinc.com Amazon RSA 2048 M03	`2024-12-20` - `2026-01-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-10-01` - `2024-12-30`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2024-10-22` - `2025-10-24`	a year	crt.sh
*.marketo.com DigiCert TLS RSA SHA256 2020 CA1	`2024-10-22` - `2025-10-24`	a year	crt.sh
pixel.byspotify.com WR3	`2024-12-12` - `2025-03-12`	3 months	crt.sh
trk.techtarget.com WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
edge.fullstory.com WR3	`2024-12-16` - `2025-03-16`	3 months	crt.sh
sdk.userledclient.io R11	`2024-11-24` - `2025-02-22`	3 months	crt.sh
quora.com WR1	`2024-12-13` - `2025-03-13`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-10-13` - `2025-04-11`	6 months	crt.sh
t.co E6	`2024-11-26` - `2025-02-24`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-07` - `2025-10-06`	a year	crt.sh
*.company-target.com R10	`2024-12-13` - `2025-03-13`	3 months	crt.sh
ibc-flow.techtarget.com WR3	`2024-12-20` - `2025-03-20`	3 months	crt.sh
*.spotify.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-05` - `2025-02-04`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-15` - `2025-09-15`	a year	crt.sh
tag-logger.demandbase.com Amazon RSA 2048 M02	`2024-12-13` - `2026-01-11`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
rs.fullstory.com WR3	`2024-12-19` - `2025-03-19`	3 months	crt.sh
identity.userled.io Amazon RSA 2048 M03	`2024-04-02` - `2025-05-01`	a year	crt.sh
api.userled.io Amazon RSA 2048 M02	`2024-09-10` - `2025-10-10`	a year	crt.sh
drift.com Amazon RSA 2048 M03	`2024-07-30` - `2025-08-27`	a year	crt.sh
*.drift.com Amazon RSA 2048 M03	`2024-06-02` - `2025-06-30`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html
Frame ID: 3A65391CE7586148B21AF6A8756D9D4E
Requests: 138 HTTP requests in this frame

Frame: https://a18132920325.cdn.optimizely.com/client_storage/a18132920325.html
Frame ID: 0D1A0EF74DB93E75D8E7392A83F7EC79
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-DW3V48BZ9S&gacid=695540796.1734931915&gtm=45je4cc1v9123417172za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1226040942
Frame ID: B337F74C0BCB3C20B527560F49109755
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.elastic.co
Frame ID: DE9989506A6DC350B1302BE43A6CBD35
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-Q7TEQDPTH5&gacid=695540796.1734931915&gtm=45je4cc1v884236656z8865912973za200zb865912973&dma=0&gcs=G111&gcd=13n3n3n3n5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=967767374
Frame ID: ED1E3BF861FB814B11B87DFAD0AEBE91
Requests: 1 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 0CA664AEBFD8FF85180D9802A11718EC
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/985891458?random=1734931915742&cv=11&fst=1734931915742&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v895104880z8865912973za201zb865912973&gcd=13n3n3n3n5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&hn=www.googleadservices.com&frm=0&tiba=Potential%20Evasion%20via%20Windows%20Filtering%20Platform%20%7C%20Elastic%20Security%20Solution%20%5B8.17%5D%20%7C%20Elastic&ga_uid=G-Q7TEQDPTH5.eb5625d4-f733-486a-9fed-814c7f818623&npa=0&pscdl=noapi&auid=659551645.1734931915&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=dmb_audience%3DResidential
Frame ID: 1A504F86F7C48C213642498F95D17FA2
Requests: 1 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: F5AC79F8F0F38E9FCEC0D68D2CD3722B
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=bciceyi&ref=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&upid=46vcaz5&upv=1.1.0&paapi=1
Frame ID: EBB611EE58C26C337258C60A0848EB5B
Requests: 1 HTTP requests in this frame

Frame: https://rc-sc.js.driftt.com/core?d=1&embedId=c3ugtv46u366&eId=c3ugtv46u366&region=US&forceShow=false&skipCampaigns=false&sessionId=bfe40019-10b3-47a8-802a-e15a2e22418c&sessionStarted=1734931920.49&campaignRefreshToken=02a64245-81e5-46e8-a1e8-2671bed34a1d&hideController=false&pageLoadStartTime=1734931913596&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html
Frame ID: 3FAF7EB92739E23C8BD534E88BBC51A6
Requests: 1 HTTP requests in this frame

Frame: https://rc-sc.js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1734931913596
Frame ID: 0BE61BBD433946BE2A77740A4F0AF9F2
Requests: 1 HTTP requests in this frame

Frame: https://site-concierge.driftt.com/?embedId=c3ugtv46u366&parentPageUrl=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&driftEnv=prod&conductor=cohab&parentPageQueryParams=&leadId=154046d9-2633-4def-9877-2b2f2c3b60f8
Frame ID: 3C402029EE4EBE85F05CBE67439B51F1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Potential Evasion via Windows Filtering Platform | Elastic Security Solution [8.17] | Elastic

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Iubenda (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

iubenda\.com/cookie-solution/confs/js/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

148
Requests

95 %
HTTPS

41 %
IPv6

36
Domains

62
Subdomains

58
IPs

3
Countries

3610 kB
Transfer

9379 kB
Size

68
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://cloud.elastic.co/
Title: Login

Search URL Search Domain Scan URL

URL: https://cloud.elastic.co/registration
Title: Start free trial

Search URL Search Domain Scan URL

URL: https://partners.elastic.co/findapartner/
Title: Find a partner

Search URL Search Domain Scan URL

URL: https://discuss.elastic.co/
Title: Forum

Search URL Search Domain Scan URL

URL: https://cloud.elastic.co/login
Title: Login

Search URL Search Domain Scan URL

URL: https://github.com/elastic/security-docs/edit/8.17/docs/detections/prebuilt-rules/rule-details/potential-evasion-via-windows-filtering-platform.asciidoc
Title: edit

Search URL Search Domain Scan URL

URL: https://github.com/dsnezhkov/shutter/tree/main
Title: https://github.com/dsnezhkov/shutter/tree/main

Search URL Search Domain Scan URL

URL: https://github.com/netero1010/EDRSilencer/tree/main
Title: https://github.com/netero1010/EDRSilencer/tree/main

Search URL Search Domain Scan URL

URL: https://www.mdsec.co.uk/2023/09/nighthawk-0-2-6-three-wise-monkeys/
Title: https://www.mdsec.co.uk/2023/09/nighthawk-0-2-6-three-wise-monkeys/

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/windows/security/threat-protection/auditing/event-5157
Title: https://learn.microsoft.com/en-us/windows/security/threat-protection/auditing/event-5157

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/windows/security/threat-protection/auditing/event-5152
Title: https://learn.microsoft.com/en-us/windows/security/threat-protection/auditing/event-5152

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/tactics/TA0005/
Title: https://attack.mitre.org/tactics/TA0005/

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1562/
Title: https://attack.mitre.org/techniques/T1562/

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1562/004/
Title: https://attack.mitre.org/techniques/T1562/004/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/elastic-co

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/elasticsearch

Search URL Search Domain Scan URL

URL: https://www.facebook.com/elastic.co

Search URL Search Domain Scan URL

URL: https://www.twitter.com/elastic

Search URL Search Domain Scan URL

URL: https://github.com/elastic

Search URL Search Domain Scan URL

URL: https://jobs.elastic.co/#/
Title: Career portal

Search URL Search Domain Scan URL

URL: https://login.elastic.co/login/partner
Title: Partner login

Search URL Search Domain Scan URL

URL: https://partners.elastic.co/English/register_email.aspx
Title: Request access

Search URL Search Domain Scan URL

URL: https://secure.ethicspoint.com/domain/media/en/gui/74447/index.html
Title: EthicsPoint portal

Search URL Search Domain Scan URL

URL: https://ir.elastic.co/home/default.aspx
Title: Investor resources

Search URL Search Domain Scan URL

URL: https://ir.elastic.co/governance/corporate-governance/default.aspx
Title: Governance

Search URL Search Domain Scan URL

URL: https://ir.elastic.co/financials/quarterly-results/default.aspx
Title: Financials

Search URL Search Domain Scan URL

URL: https://ir.elastic.co/stock/stock-quote/default.aspx
Title: Stock

Search URL Search Domain Scan URL

URL: https://www.apache.org/
Title: Apache Software Foundation

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://secure.adnxs.com/seg?t=1&add=35414607 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D1%26add%3D35414607

Request Chain 95

https://id.rlcdn.com/464526.gif HTTP 307
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCMvro7sGEgUI6AcQAEIASgA HTTP 307
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc12976elBUGAV2VPeY7NZXH2EjHOcEtsa44GzKt4SjIEe7_k

Request Chain 116

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=501860%2C25986&time=1734931915664&li_adsId=c652aa1e-fe71-4edf-94bb-226453cd507d&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=501860%2C25986&time=1734931915664&li_adsId=c652aa1e-fe71-4edf-94bb-226453cd507d&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D501860%252C25986%26time%3D1734931915664%26li_adsId%3Dc652aa1e-fe71-4edf-94bb-226453cd507d%26url%3Dhttps%253A%252F%252Fwww.elastic.co%252Fguide%252Fen%252Fsecurity%252Fcurrent%252Fpotential-evasion-via-windows-filtering-platform.html%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=501860%2C25986&time=1734931915664&li_adsId=c652aa1e-fe71-4edf-94bb-226453cd507d&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=501860%2C25986&time=1734931915664&li_adsId=c652aa1e-fe71-4edf-94bb-226453cd507d&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJ9OZ5Nkz0SRQAAAZPyACTG4K3B_TZgl-7N3XzUZZvQ1vrBEM-EGhajPWe63-GF-iTcR-vq3LMecA02zfpahxsFJKVl2wA

Request Chain 118

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=501860%2C25986&time=1734931915666&li_adsId=c652aa1e-fe71-4edf-94bb-226453cd507d&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=501860%2C25986&time=1734931915666&li_adsId=c652aa1e-fe71-4edf-94bb-226453cd507d&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D501860%252C25986%26time%3D1734931915666%26li_adsId%3Dc652aa1e-fe71-4edf-94bb-226453cd507d%26url%3Dhttps%253A%252F%252Fwww.elastic.co%252Fguide%252Fen%252Fsecurity%252Fcurrent%252Fpotential-evasion-via-windows-filtering-platform.html%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=501860%2C25986&time=1734931915666&li_adsId=c652aa1e-fe71-4edf-94bb-226453cd507d&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=501860%2C25986&time=1734931915666&li_adsId=c652aa1e-fe71-4edf-94bb-226453cd507d&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKId8jLDm7i0AAAAZPyACSzYvofeMA1PbiGpYTvOUO3oX07jcwEeaPICV6IEAaOWqWFGsUs0tTdb4oLxT2uO_1yxaS5so4

Request Chain 133

https://insight.adsrvr.org/track/up?adv=bciceyi&ref=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&upid=46vcaz5&upv=1.1.0&paapi=1 HTTP 302
https://match.adsrvr.org/track/upb/?adv=bciceyi&ref=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&upid=46vcaz5&upv=1.1.0&paapi=1

148 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request potential-evasion-via-windows-filtering-platform.html Show response
www.elastic.co/guide/en/security/current/ 21 KB
6 KB 496ms
345ms Document
text/html 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

c659bd87a3cab75cb928add846f7485357617d8a47082e0d5168e44593fe9888

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
content-encoding: gzip
content-length: 5844
content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
content-type: text/html; charset=utf-8
date: Mon, 23 Dec 2024 05:31:53 GMT
etag: W/"675b101a-54b7"
euid: eb5625d4-f733-486a-9fed-814c7f818623
last-modified: Thu, 12 Dec 2024 16:32:26 GMT
referrer-policy: strict-origin-when-cross-origin
server: my-server
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-change-language: true
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-served-by: cache-lga21921-LGA
x-timer: S1734931913.255199,VS0,VE334
x-xss-protection: 1; mode=block

GET
H2 200 18132920325.js Show response
cdn.optimizely.com/js/ 1 MB
251 KB 98ms
24ms Script
text/javascript 2606:4700::6812:4239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optimizely.com/js/18132920325.js
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b3b23e46ab9f1f5f6364a633ef64e37b01bf833cd0beb2033de3700e5c5c89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

access-control-max-age: 86400
access-control-expose-headers: x-amz-meta-revision
content-encoding: gzip
cf-cache-status: HIT
etag: "0e511a787d82210a72c7fcda786d0535"
x-amz-version-id: I.C1YldQnXF3hDuqhOZlejWx2c5mXF4D
age: 272
access-control-allow-methods: GET, HEAD
date: Mon, 23 Dec 2024 05:31:53 GMT
x-amz-meta-revision: 24086
content-type: text/javascript; charset=utf-8
last-modified: Sun, 22 Dec 2024 13:41:08 GMT
vary: Accept-Encoding
x-amz-id-2: bt2494X+U8GFA41+CFWOWyHMniJLWCj4KZFAiyzIlYFMbpeok2KIkeJvvTDeBdZHFNsbXfjKcCs=
access-control-allow-headers: *
x-amz-replication-status: COMPLETED
cache-control: max-age=120
timing-allow-origin: *
x-amz-meta-pci_enabled: False
access-control-allow-credentials: false
x-amz-request-id: 03ZTSXFQ1CG2M368
cf-ray: 8f65f7ccc81c8cb4-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 256393
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 styles-v1.css
www.elastic.co/guide/static/ 214 KB
49 KB 418ms
415ms Stylesheet
text/css 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/guide/static/styles-v1.css

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

d922e03a751c168900262b518d05d3f29d2931453c03eec8a00662a2aedbca5d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Response headers

x-change-language: true
content-encoding: gzip
etag: W/"67630b7c-359f9"
x-content-type-options: nosniff
x-cache: MISS
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: text/css
last-modified: Wed, 18 Dec 2024 17:50:52 GMT
x-served-by: cache-lga21921-LGA
x-cache-hits: 0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
euid: eb5625d4-f733-486a-9fed-814c7f818623
x-timer: S1734931914.650864,VS0,VE406
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: my-server

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 137ms
74ms Script
application/javascript 2607:f8b0:400d:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-12395217-16

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e3afa54d7d6de30f15cd7b526a880615a45d5e2c3a7d9ee0506540dd9c8d41d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 23 Dec 2024 05:31:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 23 Dec 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81515
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 elastic-nav.js Show response
www.elastic.co/ 940 KB
270 KB 75ms
73ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/elastic-nav.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

86c5acf26157322c076413f750b91d730a809a12e20b11fef22fbac8594dd96c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Response headers

x-change-language: true
content-encoding: gzip
etag: W/"eaf7c-q8xjFL7iCOQgzOwgyPcWY7ZRq0M"
age: 3297
x-content-type-options: nosniff
x-cache: HIT, MISS
date: Mon, 23 Dec 2024 05:31:53 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-bfi-krnt7300027-BFI, cache-lga21921-LGA
x-cache-hits: 13, 0
x-frame-options: SAMEORIGIN
access-control-allow-headers: Authorization
strict-transport-security: max-age=0
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
euid: eb5625d4-f733-486a-9fed-814c7f818623
x-dns-prefetch-control: off
x-timer: S1734931914.650830,VS0,VE64
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://elasticnv2022rd.s4.q4web.com
content-length: 275743
x-xss-protection: 1; mode=block
server: my-server

GET
H2 200 elastic-footer.js Show response
www.elastic.co/ 450 KB
137 KB 88ms
87ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/elastic-footer.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

7811044be23fe604cb7d96169f28e0a98249d2d20aaa91ff124b4f94fcc84089

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Response headers

x-change-language: true
content-encoding: gzip
etag: W/"70855-iLeR94aUGYcmyDZgVw3IaUU8itM"
age: 1017
x-content-type-options: nosniff
x-cache: HIT, MISS
date: Mon, 23 Dec 2024 05:31:53 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-bfi-krnt7300058-BFI, cache-lga21921-LGA
x-cache-hits: 6, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
euid: eb5625d4-f733-486a-9fed-814c7f818623
x-dns-prefetch-control: off
x-timer: S1734931914.651171,VS0,VE65
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 139791
x-xss-protection: 1; mode=block
server: my-server

GET
H2 200 jquery.js Show response
www.elastic.co/guide/static/ 95 KB
33 KB 380ms
379ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/guide/static/jquery.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Response headers

x-change-language: true
content-encoding: gzip
etag: W/"64219a08-17b8b"
x-content-type-options: nosniff
x-cache: MISS
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 27 Mar 2023 13:28:40 GMT
x-served-by: cache-lga21921-LGA
x-cache-hits: 0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
euid: eb5625d4-f733-486a-9fed-814c7f818623
x-timer: S1734931914.651151,VS0,VE370
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33793
x-xss-protection: 1; mode=block
server: my-server

GET
H2 200 docs-v1.js Show response
www.elastic.co/guide/static/ 110 KB
35 KB 183ms
182ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/guide/static/docs-v1.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

f5196cdc9471293f1d6d3ceb2c6f2710f91dee9625f4f9e0c6b7a4d58b76bf7f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Response headers

x-change-language: true
content-encoding: gzip
etag: W/"66e34d1f-1b67b"
x-content-type-options: nosniff
x-cache: MISS
date: Mon, 23 Dec 2024 05:31:53 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 12 Sep 2024 20:20:47 GMT
x-served-by: cache-lga21921-LGA
x-cache-hits: 0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
euid: eb5625d4-f733-486a-9fed-814c7f818623
x-timer: S1734931914.651102,VS0,VE173
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: my-server

GET
H2 200 18132920325 Show response
tapi.optimizely.com/api/js/odds/project/ 6 KB
1 KB 181ms
106ms XHR
application/json 2606:4700:4400::6812:27b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tapi.optimizely.com/api/js/odds/project/18132920325?project=18132920325&c_euid=eb5625d4-f733-486a-9fed-814c7f818623
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/18132920325.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8048762505c25e79f086ca4784644354a6d6405f6b217dd0da06a0b1ee12ab77

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.elastic.co/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
via: 1.1 google
cf-ray: 8f65f7cf581242eb-EWR
access-control-allow-origin: https://www.elastic.co
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
server: cloudflare

GET
H2 200 geo4.js Show response
cdn3.optimizely.com/js/ 310 B
332 B 100ms
25ms Script
application/javascript 172.64.152.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.optimizely.com/js/geo4.js
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/18132920325.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.14 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab971e7b71065102f42fe834d2ddc887afe18b6485e03c73149c6628263317a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

cf-ray: 8f65f7d01c5dc347-EWR
content-encoding: br
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK ip.json Show response
api.demandbase.com/api/v3/ 518 B
1 KB 128ms
37ms Script
application/javascript 52.85.132.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.demandbase.com/api/v3/ip.json?key=KYDN0LSk0dG01e5rGpSIc2M3pBbb53vxi8a7pwkv&callback=optimizely_demandbase

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/18132920325.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.132.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-132-99.iad50.r.cloudfront.net

Software

nginx /

Resource Hash

3b625f089e8ba68e7f1236db9a7e7016523da105df34f32e38e48e523eaae521

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

Content-Encoding: gzip
Identification-Source: CENTRAL
X-Content-Type-Options: nosniff
Request-ID: a2cf2635-dbd0-4a74-b9f4-07193a6009cd
Expires: Sun, 22 Dec 2024 05:31:54 GMT
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: FunjtRiakAWmkR8lU30ZXQRz5qjcKwZeXhUi09L9Lt2bPdBjZCKhQg==
Date: Mon, 23 Dec 2024 05:31:54 GMT
Content-Type: application/javascript;charset=utf-8
Vary: Accept-Encoding, Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Api-Version: v3
Connection: keep-alive
Via: 1.1 16f689172b396b7e266a396b6b5d6754.cloudfront.net (CloudFront)
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
X-Amz-Cf-Pop: IAD50-C2
Server: nginx

GET
H2 200 afd038c28b604cfab5371be2bed7d258.png
cdn.optimizely.com/img/18132920325/ 155 KB
155 KB 22ms
21ms Image
image/png 2606:4700::6812:4239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.optimizely.com/img/18132920325/afd038c28b604cfab5371be2bed7d258.png
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ca87b176413c04d0ec8b4e83b7d0990bf1f2485443c88737f5e496326ecf62b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

cf-cache-status: HIT
etag: "d246a7da16aed7c7f621a53635474da8"
x-amz-version-id: CDRMabkov_W2topV0hDZjB1pxA07cXjM
age: 57
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: image/png
last-modified: Wed, 20 Mar 2024 13:39:01 GMT
vary: Accept-Encoding
x-amz-id-2: LU5qomIRINhF3yUiDOVU2i6Sd5GlXNysCRctX6uuz1JpygaaV/VHemzCQIzEYUkcFu3OfuWCRptTUXvYuNOzNIC7Gi6bZBdt
x-amz-replication-status: COMPLETED
x-amz-request-id: RXST5SZBNN85AJV5
cf-ray: 8f65f7cfaa958cb4-EWR
accept-ranges: bytes
content-length: 158397
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 277 KB
86 KB 84ms
26ms Script
application/javascript 2607:f8b0:400d:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-58RLH5

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d27753b73f59e293a8a78f7ad3cc9c4fcd38f4cbd15bb03bc9871e41c4dac6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 23 Dec 2024 05:31:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 23 Dec 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 87218
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 481 KB
145 KB 150ms
92ms Script
application/javascript 2607:f8b0:400d:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25c51064b3e1adb2f09c485b0abf29198750e3ecca749cf13864896a1991acb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 23 Dec 2024 05:31:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 23 Dec 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 148122
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 generic-icons.svg
www.elastic.co/static-res/images/ 767 B
1 KB 77ms
75ms Other
image/svg+xml 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/static-res/images/generic-icons.svg

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/elastic-nav.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

8d8e20a45eba8dceb4a6be0af8675c8d1cea9bcec29b8337133a410d307cb74a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Response headers

x-change-language: true
content-encoding: gzip
etag: W/"2ff-193ab0a76d0"
age: 29815
x-content-type-options: nosniff
x-cache: HIT, MISS
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: image/svg+xml
last-modified: Mon, 09 Dec 2024 10:50:10 GMT
x-served-by: cache-bfi-kbfi7400088-BFI, cache-lga21921-LGA
x-cache-hits: 141, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
cache-control: public, max-age=86400
x-dns-prefetch-control: off
euid: eb5625d4-f733-486a-9fed-814c7f818623
x-timer: S1734931914.245427,VS0,VE65
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 390
x-xss-protection: 1; mode=block
server: my-server

GET
H2 200 nav-platform.png
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/bltb72b02d269f3201a/6643847599f5a8667dc35ac7/ 44 KB
45 KB 142ms
11ms Image
image/png 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/bltb72b02d269f3201a/6643847599f5a8667dc35ac7/nav-platform.png
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 64fd3f7c1f3f05093090f950a257c22e2bcb2edcb9d34e8eda156269acfc0196

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

fastly-io-info: ifsz=48119 idim=720x420 ifmt=png ofsz=45268 odim=720x420 ofmt=png
x-request-id: 61b3254c92a59d780f2817e1e0f3bf87
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
etag: "l+Jgy7jgX3BW6DF2UIRwLZpXfWQuvluJLeUwb/UxHPE"
age: 910507
x-cache: HIT, HIT, HIT
date: Mon, 23 Dec 2024 05:31:54 GMT
content-disposition: inline; filename=nav-platform.png
content-type: image/png
x-runtime: 139ms
x-cache-hits: 1, 0, 1
x-contentstack-organization: blte0c820e234b5b1e5
fastly-stats: io=1
x-served-by: cache-sjc10028-SJC, cache-bfi-krnt7300119-BFI, cache-lga21953-LGA
cache-control: max-age=31536000
x-timer: S1734931914.411655,VS0,VE1
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.bltb72b02d269f3201a.download
accept-ranges: bytes
access-control-allow-origin: *
content-length: 45268
fastly-io-served-by: vpop-haf2300705
server: contentstack

GET
H2 200 logo-stack-32-color.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt0090c6239e64faf8/62aa0980c949fd5059e8aebc/ 379 B
593 B 150ms
20ms Image
image/svg+xml 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt0090c6239e64faf8/62aa0980c949fd5059e8aebc/logo-stack-32-color.svg

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

30827b15c369c38b972105fb55c83ec0e72ebc11071f35ffeefd3fd7eaa2a54b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

x-request-id: 6e2ed218bdaa63f525a4aba2a65fc274
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
content-encoding: gzip
age: 2730231
x-cache: HIT, HIT, HIT
date: Mon, 23 Dec 2024 05:31:54 GMT
content-disposition: inline; filename=logo-stack-32-color.svg
content-type: image/svg+xml
x-runtime: 100ms
x-cache-hits: 154, 11, 1
x-contentstack-organization: blte0c820e234b5b1e5
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: max-age=31536000
x-served-by: cache-sjc10042-SJC, cache-bfi-krnt7300080-BFI, cache-lga21953-LGA
x-timer: S1734931914.411972,VS0,VE1
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blt0090c6239e64faf8.download
fastly-io-error: not a supported image format
accept-ranges: bytes
access-control-allow-origin: *
content-length: 243
fastly-io-served-by: vpop-haf2300706
server: contentstack

GET
H2 200 logo-cloud-24-color.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/bltdb0f38c35ae455dc/5d07f086877575d0584760a3/ 2 KB
1 KB 151ms
21ms Image
image/svg+xml 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/bltdb0f38c35ae455dc/5d07f086877575d0584760a3/logo-cloud-24-color.svg

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

7ca480b9b77f0deec726cf870d050b83a624217f099a39db027f66b605376112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

x-request-id: 07f45d2b84aad67572f3e628a77410b4
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
content-encoding: gzip
age: 903893
x-cache: HIT, HIT, HIT
date: Mon, 23 Dec 2024 05:31:54 GMT
content-disposition: inline; filename=logo-cloud-24-color.svg
content-type: image/svg+xml
x-runtime: 64ms
x-cache-hits: 8, 11, 1
x-contentstack-organization: blte0c820e234b5b1e5
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: max-age=31536000
x-served-by: cache-sjc10068-SJC, cache-bfi-kbfi7400036-BFI, cache-lga21953-LGA
x-timer: S1734931914.411985,VS0,VE1
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.bltdb0f38c35ae455dc.download
fastly-io-error: not a supported image format
accept-ranges: bytes
access-control-allow-origin: *
content-length: 829
fastly-io-served-by: vpop-haf2300705
server: contentstack

GET
H2 200 logo-enterprise-search-32-color.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt549f7d977c2a88f4/5d082d34616162aa5a85707d/ 2 KB
1 KB 154ms
24ms Image
image/svg+xml 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt549f7d977c2a88f4/5d082d34616162aa5a85707d/logo-enterprise-search-32-color.svg

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

128de7d0d5b2541873587ab687c13251b9a8a8919bf03036fb2ad4df3ed9fa1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

x-request-id: 0ce698f2a5dff8a2de91f1b88b1116ac
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
content-encoding: gzip
age: 1629135
x-cache: HIT, HIT, HIT
date: Mon, 23 Dec 2024 05:31:54 GMT
content-disposition: inline; filename=logo-enterprise-search-32-color.svg
content-type: image/svg+xml
x-runtime: 58ms
x-cache-hits: 30, 0, 1
x-contentstack-organization: blte0c820e234b5b1e5
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: max-age=31536000
x-served-by: cache-sjc10061-SJC, cache-bfi-krnt7300114-BFI, cache-lga21953-LGA
x-timer: S1734931914.411963,VS0,VE1
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blt549f7d977c2a88f4.download
fastly-io-error: not a supported image format
accept-ranges: bytes
access-control-allow-origin: *
content-length: 819
fastly-io-served-by: vpop-haf2300706
server: contentstack

GET
H2 200 logo-security-32-color.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/bltf58b7c8e04706979/5e20f1a8132ead1155e8d0a4/ 915 B
1008 B 152ms
22ms Image
image/svg+xml 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/bltf58b7c8e04706979/5e20f1a8132ead1155e8d0a4/logo-security-32-color.svg

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

c4e3e359a856ad0a1976b66c934301135a3e85ccf8f0353da823f385bc4d23b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

x-request-id: a6763856f777cb7cac9612d1fb5a392c
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
content-encoding: gzip
age: 405097
x-cache: HIT, HIT, HIT
date: Mon, 23 Dec 2024 05:31:54 GMT
content-disposition: inline; filename=logo-security-32-color.svg
content-type: image/svg+xml
x-runtime: 71ms
x-cache-hits: 15, 0, 1
x-contentstack-organization: blte0c820e234b5b1e5
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: max-age=31536000
x-served-by: cache-sjc1000085-SJC, cache-bfi-krnt7300088-BFI, cache-lga21953-LGA
x-timer: S1734931914.411939,VS0,VE1
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.bltf58b7c8e04706979.download
fastly-io-error: not a supported image format
accept-ranges: bytes
access-control-allow-origin: *
content-length: 511
fastly-io-served-by: vpop-haf2300708
server: contentstack

GET
H2 200 logo-observability-32-color.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/bltbf6ba0d0e0e1e5ab/5e20f19a2aa8e40a75136318/ 854 B
852 B 147ms
22ms Image
image/svg+xml 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/bltbf6ba0d0e0e1e5ab/5e20f19a2aa8e40a75136318/logo-observability-32-color.svg

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

df4bc968515a2d2e12f42248a74536e1eef5beea7bf3b8b511e62296989040fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

x-request-id: 7029c72550fdafd2714bcd201d43ea1b
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
content-encoding: gzip
age: 910912
x-cache: HIT, HIT, HIT
date: Mon, 23 Dec 2024 05:31:54 GMT
content-disposition: inline; filename=logo-observability-32-color.svg
content-type: image/svg+xml
x-runtime: 79ms
x-cache-hits: 15, 9, 1
x-contentstack-organization: blte0c820e234b5b1e5
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: max-age=31536000
x-served-by: cache-sjc10046-SJC, cache-bfi-krnt7300029-BFI, cache-lga21953-LGA
x-timer: S1734931914.411910,VS0,VE1
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.bltbf6ba0d0e0e1e5ab.download
fastly-io-error: not a supported image format
accept-ranges: bytes
access-control-allow-origin: *
content-length: 500
fastly-io-served-by: vpop-haf2300710
server: contentstack

GET
H2 200 icon-checkmark-decorative-border.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/bltacc5e178e52f430e/647ccc7b6be35fb5eabd2100/ 2 KB
2 KB 26ms
16ms Image
image/svg+xml 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/bltacc5e178e52f430e/647ccc7b6be35fb5eabd2100/icon-checkmark-decorative-border.svg

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

530cac6c10c3d23af5d4a730320f81d2afdd5b0632165cb3c122db6988d7926c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

x-request-id: 198d8e8178197ecdc319468cfd09c8ed
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
content-encoding: gzip
age: 428991
x-cache: HIT, HIT, HIT
date: Mon, 23 Dec 2024 05:31:54 GMT
content-disposition: inline; filename=icon-checkmark-decorative-border.svg
content-type: image/svg+xml
x-runtime: 64ms
x-cache-hits: 10, 0, 1
x-contentstack-organization: blte0c820e234b5b1e5
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: max-age=31536000
x-served-by: cache-sjc10030-SJC, cache-bfi-krnt7300024-BFI, cache-lga21953-LGA
x-timer: S1734931914.446355,VS0,VE1
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.bltacc5e178e52f430e.download
fastly-io-error: not a supported image format
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1846
fastly-io-served-by: vpop-haf2300712
server: contentstack

GET
H2 200 icon-briefcase.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt9f634b6f74878698/647ccc625637890f19859454/ 2 KB
2 KB 24ms
15ms Image
image/svg+xml 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt9f634b6f74878698/647ccc625637890f19859454/icon-briefcase.svg

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

9607942e266bb8193783f8bea0310a334d05c2161520a8ca23816e5956df8a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

x-request-id: 258a2762e7a87266c91fbd9e4eacc709
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
content-encoding: gzip
age: 910471
x-cache: HIT, HIT, HIT
date: Mon, 23 Dec 2024 05:31:54 GMT
content-disposition: inline; filename=icon-briefcase.svg
content-type: image/svg+xml
x-runtime: 57ms
x-cache-hits: 4, 49, 1
x-contentstack-organization: blte0c820e234b5b1e5
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: max-age=31536000
x-served-by: cache-sjc10074-SJC, cache-bfi-kbfi7400031-BFI, cache-lga21953-LGA
x-timer: S1734931914.446236,VS0,VE1
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blt9f634b6f74878698.download
fastly-io-error: not a supported image format
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1149
fastly-io-served-by: vpop-haf2300705
server: contentstack

GET
H2 200 logo-nav-dropdown-48x48-cisco.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt652fec920f2b1a14/650c1d87aa86c13fa1cc288c/ 63 KB
64 KB 19ms
9ms Image
image/svg+xml 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt652fec920f2b1a14/650c1d87aa86c13fa1cc288c/logo-nav-dropdown-48x48-cisco.svg

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

f79982f09db7b58d3da73047b535f2b13ec64294e3339442aca9833b08e82901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

x-request-id: c6d75ec4514115deef787c03069c9539
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
age: 1605486
x-cache: HIT, HIT
date: Mon, 23 Dec 2024 05:31:54 GMT
content-disposition: inline; filename=logo-nav-dropdown-48x48-cisco.svg
content-type: image/svg+xml
x-runtime: 111ms
x-cache-hits: 0, 102
x-contentstack-organization: blte0c820e234b5b1e5
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: max-age=31536000
x-served-by: cache-bfi-krnt7300052-BFI, cache-lga21953-LGA
x-timer: S1734931914.446225,VS0,VE0
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blt652fec920f2b1a14.download
fastly-io-error: not a supported image format
accept-ranges: bytes
access-control-allow-origin: *
content-length: 64960
fastly-io-served-by: vpop-haf2300705
server: contentstack

GET
H2 200 logo-dropdown-48x48-sitecore.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blte788c0f923f209a3/668c49f5534bb913eb26e9e8/ 5 KB
2 KB 25ms
15ms Image
image/svg+xml 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blte788c0f923f209a3/668c49f5534bb913eb26e9e8/logo-dropdown-48x48-sitecore.svg

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

b2fcad0da1fac1591660d7fd76e835502e448336c3629498b769f86248950041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

x-request-id: 4fa941d4415366ffefff9f4a9cc56c23
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
content-encoding: gzip
age: 420633
x-cache: HIT, HIT, HIT
date: Mon, 23 Dec 2024 05:31:54 GMT
content-disposition: inline; filename=logo-dropdown-48x48-sitecore.svg
content-type: image/svg+xml
x-runtime: 87ms
x-cache-hits: 6, 0, 1
x-contentstack-organization: blte0c820e234b5b1e5
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: max-age=31536000
x-served-by: cache-sjc1000133-SJC, cache-bfi-kbfi7400087-BFI, cache-lga21953-LGA
x-timer: S1734931914.446217,VS0,VE1
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blte788c0f923f209a3.download
fastly-io-error: not a supported image format
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2071
fastly-io-served-by: vpop-haf2300714
server: contentstack

GET
H2 200 logo-nav-dropdown-48x48-comcast.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt90a52ed02808cbc1/650c1dadb25642d90add1e4e/ 47 KB
33 KB 31ms
22ms Image
image/svg+xml 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt90a52ed02808cbc1/650c1dadb25642d90add1e4e/logo-nav-dropdown-48x48-comcast.svg

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

b8291ac2cef05851c83bd2aa96f90317064e6559d0ffa372a0932175ee9897d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

x-request-id: 52193231cf3626d01e7b3c08c8894ba4
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
content-encoding: gzip
age: 1636901
x-cache: MISS, HIT, HIT
date: Mon, 23 Dec 2024 05:31:54 GMT
content-disposition: inline; filename=logo-nav-dropdown-48x48-comcast.svg
content-type: image/svg+xml
x-runtime: 164ms
x-cache-hits: 0, 0, 1
x-contentstack-organization: blte0c820e234b5b1e5
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: max-age=31536000
x-served-by: cache-sjc1000084-SJC, cache-bfi-kbfi7400036-BFI, cache-lga21953-LGA
x-timer: S1734931914.446695,VS0,VE2
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blt90a52ed02808cbc1.download
fastly-io-error: not a supported image format
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33880
fastly-io-served-by: vpop-haf2300705
server: contentstack

GET
H2 200 icon-code-self-closing.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt96bf0c70d7851e7d/64b6cd8378402d4f9cc28b43/ 2 KB
2 KB 29ms
20ms Image
image/svg+xml 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt96bf0c70d7851e7d/64b6cd8378402d4f9cc28b43/icon-code-self-closing.svg

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

c667ab2f123ed450a52309995bfe1a4dcd6c62dc63fad468db86f621b6afd68c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

x-request-id: 5a73252874ba0dc79ae772a557f02b2a
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
content-encoding: gzip
age: 423390
x-cache: HIT, HIT, HIT
date: Mon, 23 Dec 2024 05:31:54 GMT
content-disposition: inline; filename=icon-code-self-closing.svg
content-type: image/svg+xml
x-runtime: 123ms
x-cache-hits: 2, 0, 1
x-contentstack-organization: blte0c820e234b5b1e5
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: max-age=31536000
x-served-by: cache-sjc1000101-SJC, cache-bfi-krnt7300097-BFI, cache-lga21953-LGA
x-timer: S1734931914.447252,VS0,VE1
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blt96bf0c70d7851e7d.download
fastly-io-error: not a supported image format
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1419
fastly-io-served-by: vpop-haf2300712
server: contentstack

GET
H2 200 a18132920325.html
a18132920325.cdn.optimizely.com/client_storage/ Frame 0D1A 0
0 104ms
32ms Document
text/html 2606:4700::6812:4139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a18132920325.cdn.optimizely.com/client_storage/a18132920325.html
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/18132920325.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:4139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.elastic.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 272
cache-control: max-age=120
cf-cache-status: HIT
cf-ray: 8f65f7d0ce8b78d9-EWR
content-encoding: gzip
content-length: 824
content-type: text/html; charset=utf-8
date: Mon, 23 Dec 2024 05:31:54 GMT
etag: "8adeedf5eae0491b23cb006b837db27a"
last-modified: Sun, 22 Dec 2024 13:39:59 GMT
server: cloudflare
server-timing: cfCacheStatus;desc="HIT"
vary: Accept-Encoding
x-amz-id-2: M+5yX53MvUGdas1suFWVJdGlnWkAgHmcmMhNtTNFGQgWDOzVe0qrM3z6FI/IAzbzpBoc1tu4DqA=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: 7D1WYBXBGE08635P
x-amz-server-side-encryption: AES256
x-amz-version-id: wRJGfawHPoogx4TZN_y0mlYlCnAThW_J

GET
H2 200 logo-tagline_secondary_all_white-177.svg
images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/bltf8467a95eaa27e4a/6638d7da0d02e4e98155aaa3/ 18 KB
8 KB 111ms
15ms Image
image/svg+xml 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/bltf8467a95eaa27e4a/6638d7da0d02e4e98155aaa3/logo-tagline_secondary_all_white-177.svg

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

be8c45598c314d84a7d25f73fbb801c1e7e5eba32b047ee68543f033c912bdaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

x-request-id: e6caf6becb444f4d6b2ec8043af78fae
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
content-encoding: gzip
x-cache: HIT, HIT
date: Mon, 23 Dec 2024 05:31:54 GMT
content-disposition: inline; filename=logo-tagline_secondary_all_white-177.svg
x-served-by: cache-sjc10062-SJC, cache-lga21939-LGA
x-runtime: 75ms
content-type: image/svg+xml
x-contentstack-organization: blte0c820e234b5b1e5
x-cache-hits: 45, 0
fastly-stats: io=1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
cache-control: max-age=31536000
x-timer: S1734931914.429287,VS0,VE1
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7839
fastly-io-served-by: vpop-haf2300710
server: contentstack

GET
H2 200 footer-icon-linkedin.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blte7cfb1a091901ce1/5eb00c925751b2150e57a9d6/ 1 KB
1 KB 28ms
19ms Image
image/svg+xml 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blte7cfb1a091901ce1/5eb00c925751b2150e57a9d6/footer-icon-linkedin.svg

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

410e2467e40d82041d4d061ecee6e853250746292ed79aecc066234921b854f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

x-request-id: e73af01109bcd518a74732410b26b6fa
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
content-encoding: gzip
age: 906293
x-cache: MISS, HIT, HIT
date: Mon, 23 Dec 2024 05:31:54 GMT
content-disposition: inline; filename=footer-icon-linkedin.svg
content-type: image/svg+xml
x-runtime: 66ms
x-cache-hits: 0, 11, 1
x-contentstack-organization: blte0c820e234b5b1e5
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: max-age=31536000
x-served-by: cache-sjc10038-SJC, cache-bfi-krnt7300055-BFI, cache-lga21953-LGA
x-timer: S1734931914.447560,VS0,VE1
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blte7cfb1a091901ce1.download
fastly-io-error: not a supported image format
accept-ranges: bytes
access-control-allow-origin: *
content-length: 729
fastly-io-served-by: vpop-haf2300711
server: contentstack

GET
H2 200 footer-icon-youtube.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt7c28b18be98b1af8/5eb00ca908d37e6d82ef7655/ 2 KB
1 KB 28ms
19ms Image
image/svg+xml 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt7c28b18be98b1af8/5eb00ca908d37e6d82ef7655/footer-icon-youtube.svg

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

27b0b70722f00843062f450be0dbe797a3dea123fb8427b190ea75c97cd2d1e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

x-request-id: 875eb2c35067c94157d4d3ae6c353ee9
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
content-encoding: gzip
age: 1629125
x-cache: HIT, HIT, HIT
date: Mon, 23 Dec 2024 05:31:54 GMT
content-disposition: inline; filename=footer-icon-youtube.svg
content-type: image/svg+xml
x-runtime: 137ms
x-cache-hits: 2, 0, 1
x-contentstack-organization: blte0c820e234b5b1e5
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: max-age=31536000
x-served-by: cache-sjc10068-SJC, cache-bfi-kbfi7400084-BFI, cache-lga21953-LGA
x-timer: S1734931914.447083,VS0,VE1
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blt7c28b18be98b1af8.download
fastly-io-error: not a supported image format
accept-ranges: bytes
access-control-allow-origin: *
content-length: 843
fastly-io-served-by: vpop-haf2300701
server: contentstack

GET
H2 200 footer-icon-facebook.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt75566c5278ad68da/5eb00c59d238e314f259fbea/ 1 KB
993 B 25ms
17ms Image
image/svg+xml 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt75566c5278ad68da/5eb00c59d238e314f259fbea/footer-icon-facebook.svg

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

b5ba1c490f21a75341ba57f563d231ff7b466222da8ba7364c5ebe5705c7b4b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

x-request-id: b926a9fd8a2856994ba0d3dddf8d8267
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
content-encoding: gzip
age: 405097
x-cache: HIT, HIT, HIT
date: Mon, 23 Dec 2024 05:31:54 GMT
content-disposition: inline; filename=footer-icon-facebook.svg
content-type: image/svg+xml
x-runtime: 140ms
x-cache-hits: 1, 0, 1
x-contentstack-organization: blte0c820e234b5b1e5
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: max-age=31536000
x-served-by: cache-sjc1000135-SJC, cache-bfi-kbfi7400056-BFI, cache-lga21953-LGA
x-timer: S1734931914.447098,VS0,VE1
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blt75566c5278ad68da.download
fastly-io-error: not a supported image format
accept-ranges: bytes
access-control-allow-origin: *
content-length: 580
fastly-io-served-by: vpop-haf2300714
server: contentstack

GET
H2 200 footer-icon-twitter.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt341fed86979a9fbb/5eb00c76b8a6356e4ddc1180/ 3 KB
2 KB 27ms
18ms Image
image/svg+xml 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt341fed86979a9fbb/5eb00c76b8a6356e4ddc1180/footer-icon-twitter.svg

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

c8b428cc3366b0b2cf2d6b7e5fd1be1416fe411777526095dfae2c0a5d9967f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

x-request-id: 1a86a492a532f108a7ed36b04f45d2ba
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
content-encoding: gzip
age: 907383
x-cache: MISS, HIT, HIT
date: Mon, 23 Dec 2024 05:31:54 GMT
content-disposition: inline; filename=footer-icon-twitter.svg
content-type: image/svg+xml
x-runtime: 98ms
x-cache-hits: 0, 14, 1
x-contentstack-organization: blte0c820e234b5b1e5
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: max-age=31536000
x-served-by: cache-sjc10022-SJC, cache-bfi-kbfi7400090-BFI, cache-lga21953-LGA
x-timer: S1734931914.447077,VS0,VE1
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blt341fed86979a9fbb.download
fastly-io-error: not a supported image format
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1379
fastly-io-served-by: vpop-haf2300704
server: contentstack

GET
H2 200 icon-footer-github.svg
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt6ef5841a45696d80/64ca2a6fc530871313bc3822/ 1 KB
915 B 29ms
20ms Image
image/svg+xml 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt6ef5841a45696d80/64ca2a6fc530871313bc3822/icon-footer-github.svg

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

6e8d47fed7e719c4409a31be2bf0e4acbdd21d5b863b77181be4029b399a139a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

x-request-id: b683738d17168e953791c6499b1ef8aa
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
content-encoding: gzip
age: 903894
x-cache: HIT, HIT, HIT
date: Mon, 23 Dec 2024 05:31:54 GMT
content-disposition: inline; filename=icon-footer-github.svg
content-type: image/svg+xml
x-runtime: 78ms
x-cache-hits: 2, 6, 1
x-contentstack-organization: blte0c820e234b5b1e5
fastly-stats: io=1
strict-transport-security: max-age=31557600
cache-control: max-age=31536000
x-served-by: cache-sjc10050-SJC, cache-bfi-krnt7300048-BFI, cache-lga21953-LGA
x-timer: S1734931914.447276,VS0,VE1
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blt6ef5841a45696d80.download
fastly-io-error: not a supported image format
accept-ranges: bytes
access-control-allow-origin: *
content-length: 643
fastly-io-served-by: vpop-haf2300714
server: contentstack

GET
DATA 200
OK truncated
/ 821 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d2c4301cb4b042fe36308cfe9a7313be119fb68e60b0fc011e1a9624bd4ffd9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 484 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ddc70a71cdf7d62ea220d3f609507e9aebb213100c79f6a0f60277dff07dd2f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 InterVariable.woff2
www.elastic.co/static-res/fonts/ 337 KB
338 KB 79ms
76ms Font
font/woff2 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/static-res/fonts/InterVariable.woff2

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

8af7bd5b545567adffb3dfceb5bedb353a522d7bf1b3a2b8af7b6064156babc0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.elastic.co
Referer: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Response headers

x-change-language: true
etag: W/"545f4-193ab0a76d0"
age: 46715
x-content-type-options: nosniff
x-cache: HIT, MISS
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: font/woff2
last-modified: Mon, 09 Dec 2024 10:50:10 GMT
x-served-by: cache-bfi-kbfi7400043-BFI, cache-lga21921-LGA
x-cache-hits: 179, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
cache-control: public, max-age=86400
x-dns-prefetch-control: off
euid: eb5625d4-f733-486a-9fed-814c7f818623
x-timer: S1734931914.383261,VS0,VE66
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 345588
x-xss-protection: 1; mode=block
server: my-server

GET
H2 200 Inter-Light-BETA.e4824723.woff2
www.elastic.co/guide/static/ 99 KB
99 KB 387ms
385ms Font
application/octet-stream 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/guide/static/Inter-Light-BETA.e4824723.woff2

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/static/styles-v1.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

5e9acc481de30bdc37bcc2320e61ac55dda512c5a8f23bb9a8f321eb7f52b3bb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.elastic.co
Referer: https://www.elastic.co/guide/static/styles-v1.css

Response headers

x-change-language: true
etag: "64219510-18ab4"
x-content-type-options: nosniff
x-cache: MISS
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: application/octet-stream
x-served-by: cache-lga21921-LGA
x-cache-hits: 0
last-modified: Mon, 27 Mar 2023 13:07:28 GMT
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
euid: eb5625d4-f733-486a-9fed-814c7f818623
x-timer: S1734931914.383237,VS0,VE375
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 101044
x-xss-protection: 1; mode=block
server: my-server

GET
H2 200 Inter-Medium.5d08e0ba.woff2
www.elastic.co/guide/static/ 97 KB
97 KB 102ms
100ms Font
application/octet-stream 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/guide/static/Inter-Medium.5d08e0ba.woff2

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/static/styles-v1.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

1cd1971677bc6b453950877ad6caf5aed64c80b8687ee588986ac7f5629c1004

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.elastic.co
Referer: https://www.elastic.co/guide/static/styles-v1.css

Response headers

x-change-language: true
etag: "64219a04-1831c"
x-content-type-options: nosniff
x-cache: MISS
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: application/octet-stream
x-served-by: cache-lga21921-LGA
x-cache-hits: 0
last-modified: Mon, 27 Mar 2023 13:28:36 GMT
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
euid: eb5625d4-f733-486a-9fed-814c7f818623
x-timer: S1734931914.383201,VS0,VE89
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 99100
x-xss-protection: 1; mode=block
server: my-server

GET
H2 200 Inter-Bold.a1a60b0b.woff2
www.elastic.co/guide/static/ 97 KB
97 KB 100ms
98ms Font
application/octet-stream 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/guide/static/Inter-Bold.a1a60b0b.woff2

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/static/styles-v1.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

7d963a27fe8ca608f9b1d807dc9ae10b4dabdb925d32823dd4f35c9e9e9eea6f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.elastic.co
Referer: https://www.elastic.co/guide/static/styles-v1.css

Response headers

x-change-language: true
etag: "64219a04-1844c"
x-content-type-options: nosniff
x-cache: MISS
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: application/octet-stream
x-served-by: cache-lga21921-LGA
x-cache-hits: 0
last-modified: Mon, 27 Mar 2023 13:28:36 GMT
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
euid: eb5625d4-f733-486a-9fed-814c7f818623
x-timer: S1734931914.383460,VS0,VE88
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 99404
x-xss-protection: 1; mode=block
server: my-server

GET
H2 200 Inter-SemiBold.bcf08317.woff2
www.elastic.co/guide/static/ 97 KB
97 KB 393ms
392ms Font
application/octet-stream 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/guide/static/Inter-SemiBold.bcf08317.woff2

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/static/styles-v1.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

fca1626077b04ab65671a684d15bb46f2b52276deaa0508379ce798f715df415

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.elastic.co
Referer: https://www.elastic.co/guide/static/styles-v1.css

Response headers

x-change-language: true
etag: "64219a05-183c4"
x-content-type-options: nosniff
x-cache: MISS
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: application/octet-stream
x-served-by: cache-lga21921-LGA
x-cache-hits: 0
last-modified: Mon, 27 Mar 2023 13:28:37 GMT
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
euid: eb5625d4-f733-486a-9fed-814c7f818623
x-timer: S1734931914.383402,VS0,VE383
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 99268
x-xss-protection: 1; mode=block
server: my-server

GET
H2 200 InterVariable-Italic.woff2
static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt87a8f23f09697de7/65f108619b2cdaf45793c680/ 372 KB
373 KB 40ms
9ms Font
application/octet-stream 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt87a8f23f09697de7/65f108619b2cdaf45793c680/InterVariable-Italic.woff2

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

0470791f15efd2987bdb50b24027c3f584a2cf9b7b63fbf86012c5f2e9abcc05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.elastic.co
Referer: https://www.elastic.co/

Response headers

x-request-id: 188d2e5dba0b2f01ccb4119828a34851
access-control-expose-headers: x-request-id, host, connection, x-forwarded-for, x-forwarded-proto, x-forwarded-port, x-amzn-trace-id, origin, sec-ch-ua-platform, user-agent, sec-ch-ua, sec-ch-ua-mobile, accept, sec-fetch-site, sec-fetch-mode, sec-fetch-dest, referer, accept-language, priority, fastly-ssl, fastly-client-ip, x-forwarded-server, x-forwarded-host, x-varnish, fastly-orig-accept-encoding, accept-encoding, api_key, x-timer, prod-na-origin-token, x-device, cs_api_key, x_assets_req, internal_api_keys, blocked_apikeys, fastly-client, fastly-ff, cdn-loop, x-envoy-external-address, x-envoy-attempt-count, x-forwarded-client-cert, x-b3-traceid, x-b3-spanid, x-b3-parentspanid, x-b3-sampled
age: 1550448
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE, OPTIONS, PATCH
x-cache: HIT, HIT
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: application/octet-stream
content-disposition: inline; filename=InterVariable-Italic.woff2
x-runtime: 203ms
x-cache-hits: 0, 0
access-control-allow-headers: content-disposition, content-type, cache-control, content-length
x-contentstack-organization: blte0c820e234b5b1e5
strict-transport-security: max-age=31557600
x-served-by: cache-bfi-kbfi7400107-BFI, cache-lga21924-LGA
cache-control: max-age=31536000
x-timer: S1734931914.411828,VS0,VE1
access-control-allow-credentials: true
via: 1.1 varnish, 1.1 varnish
x-cs-surrogate-key: bltefdd0b53724fa2ce.sys_assets bltefdd0b53724fa2ce.sys_assets.blt87a8f23f09697de7.download
accept-ranges: bytes
access-control-allow-origin: *
content-length: 380904
server: contentstack

GET
H2 200 MierB-Regular.woff2
www.elastic.co/static-res/fonts/ 49 KB
49 KB 80ms
76ms Font
font/woff2 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/static-res/fonts/MierB-Regular.woff2

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

a673e2cdc5bd55d86ad373fd3b87892b3f0eb6a9b999d00999f5bfd33bd30b66

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.elastic.co
Referer: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Response headers

x-change-language: true
etag: W/"c248-193ab0a76d0"
age: 73855
x-content-type-options: nosniff
x-cache: HIT, MISS
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: font/woff2
last-modified: Mon, 09 Dec 2024 10:50:10 GMT
x-served-by: cache-bfi-krnt7300033-BFI, cache-lga21921-LGA
x-cache-hits: 263, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
cache-control: public, max-age=86400
x-dns-prefetch-control: off
euid: eb5625d4-f733-486a-9fed-814c7f818623
x-timer: S1734931914.460453,VS0,VE65
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 49736
x-xss-protection: 1; mode=block
server: my-server

GET
H2 200 MierB-Demi.woff2
www.elastic.co/static-res/fonts/ 52 KB
53 KB 77ms
74ms Font
font/woff2 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/static-res/fonts/MierB-Demi.woff2

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

130cc310c3284fad385e117c1667e2a5b904457856457ab8cb716bcb087217d1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.elastic.co
Referer: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Response headers

x-change-language: true
etag: W/"d170-193ab0a76d0"
age: 65616
x-content-type-options: nosniff
x-cache: HIT, MISS
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: font/woff2
last-modified: Mon, 09 Dec 2024 10:50:10 GMT
x-served-by: cache-bfi-kbfi7400034-BFI, cache-lga21921-LGA
x-cache-hits: 251, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
cache-control: public, max-age=86400
x-dns-prefetch-control: off
euid: eb5625d4-f733-486a-9fed-814c7f818623
x-timer: S1734931914.460422,VS0,VE65
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 53616
x-xss-protection: 1; mode=block
server: my-server

GET
H2 200 MierB-Bold.woff2
www.elastic.co/static-res/fonts/ 52 KB
52 KB 76ms
72ms Font
font/woff2 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/static-res/fonts/MierB-Bold.woff2

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

2365eb8fb2b07c00216a641efcd4177720838e57d8bd97be638f684f2c9f1596

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.elastic.co
Referer: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Response headers

x-change-language: true
etag: W/"cfcc-193ab0a76d0"
age: 61415
x-content-type-options: nosniff
x-cache: HIT, MISS
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: font/woff2
last-modified: Mon, 09 Dec 2024 10:50:10 GMT
x-served-by: cache-bfi-krnt7300072-BFI, cache-lga21921-LGA
x-cache-hits: 13316, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
cache-control: public, max-age=86400
x-dns-prefetch-control: off
euid: eb5625d4-f733-486a-9fed-814c7f818623
x-timer: S1734931914.460576,VS0,VE64
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 53196
x-xss-protection: 1; mode=block
server: my-server

GET
H2 200 toc.html Show response
www.elastic.co/guide/en/security/current/ 209 KB
36 KB 95ms
94ms XHR
text/html 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/guide/en/security/current/toc.html

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/static/jquery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

ed349f0e7de6b750d7f8e3819efa1df54980ea5bbebbda13dbf939b1b79ef31b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*

Response headers

x-change-language: true
content-encoding: gzip
etag: W/"675ca799-3422a"
x-content-type-options: nosniff
x-cache: MISS
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: text/html; charset=utf-8
last-modified: Fri, 13 Dec 2024 21:31:05 GMT
x-served-by: cache-lga21921-LGA
x-cache-hits: 0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
euid: eb5625d4-f733-486a-9fed-814c7f818623
x-timer: S1734931915.538272,VS0,VE84
referrer-policy: strict-origin-when-cross-origin
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: my-server

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 288 KB
99 KB 33ms
32ms Script
application/javascript 2607:f8b0:400d:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DW3V48BZ9S&l=dataLayer&cx=c&gtm=457e4cc1za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-12395217-16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1cc0ed96e096fc4274fe3284fb20621e01c9192640212f4f207b0127a651fab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 23 Dec 2024 05:31:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 101557
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 83ms
24ms Script
text/javascript 2607:f8b0:400d:c01::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-12395217-16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

content-encoding: gzip
age: 5117
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Mon, 23 Dec 2024 06:06:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 04:06:37 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 iubenda_cs.js Show response
cdn.iubenda.com/cs/ 2 KB
1 KB 302ms
123ms Script
application/javascript 2400:52e0:1a00::1206:2
BunnyCDN BUNNYWAY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.iubenda.com/cs/iubenda_cs.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a00::1206:2 Chicago, United States, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),

Reverse DNS

Software

BunnyCDN-IL1-1206 /

Resource Hash

08900bcd062958031e232098df8b51868466e9f2196fb1ce48425e3d88b79f8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

cdn-status: 200
content-encoding: br
etag: "6765757a-2c2"
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
date: Mon, 23 Dec 2024 05:31:54 GMT
last-modified: Fri, 20 Dec 2024 13:47:38 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: BYPASS
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains
cdn-cachedat: 12/23/2024 05:31:54
cache-control: public, max-age=3600
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
cdn-requestid: 8c928ac59123ccaba0952f74c206ab77
cdn-pullzone: 954456
cdn-proxyver: 1.06
access-control-allow-origin: *
cdn-edgestorageid: 871
server: BunnyCDN-IL1-1206
cdn-requestcountrycode: US

GET
DATA 200
OK truncated
/ 423 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6ae29ab0157f0a372b1fecc239fb07d26e3a41084ee3233fb352bd1a8a9957d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 423 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8060f1f05117d8899e80a8a13edc531baac8fdb59d7d1a77706645a080aae2d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

POST
H2 204 collect
analytics.google.com/g/ 0
0 123ms
24ms Fetch
text/plain 2607:f8b0:4004:c09::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-DW3V48BZ9S&gtm=45je4cc1v9123417172za200&_p=1734931914182&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=695540796.1734931915&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1734931914&sct=1&seg=0&dl=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&dt=Potential%20Evasion%20via%20Windows%20Filtering%20Platform%20%7C%20Elastic%20Security%20Solution%20%5B8.17%5D%20%7C%20Elastic&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1718
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DW3V48BZ9S&l=dataLayer&cx=c&gtm=457e4cc1za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.elastic.co
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
544 B 130ms
23ms Ping
text/plain 2607:f8b0:400d:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DW3V48BZ9S&cid=695540796.1734931915&gtm=45je4cc1v9123417172za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DW3V48BZ9S&l=dataLayer&cx=c&gtm=457e4cc1za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c09::9b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.elastic.co
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame B337 0
0 69ms
29ms Document
text/html 2607:f8b0:4004:c19::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-DW3V48BZ9S&gacid=695540796.1734931915&gtm=45je4cc1v9123417172za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1226040942

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DW3V48BZ9S&l=dataLayer&cx=c&gtm=457e4cc1za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elastic.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Dec 2024 05:31:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
418 B 27ms
25ms XHR
text/plain 2607:f8b0:400d:c01::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1613049231&t=pageview&_s=1&dl=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&ul=en-us&de=UTF-8&dt=Potential%20Evasion%20via%20Windows%20Filtering%20Platform%20%7C%20Elastic%20Security%20Solution%20%5B8.17%5D%20%7C%20Elastic&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=403872557&gjid=10248177&cid=695540796.1734931915&tid=UA-12395217-16&_gid=1685083512.1734931915&_r=1&gtm=457e4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&jsscut=1&z=183647643

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.elastic.co/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 05:31:54 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.elastic.co
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
345 B 23ms
22ms Image
image/gif 2607:f8b0:400d:c01::66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1613049231&t=event&_s=2&dl=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&ul=en-us&de=UTF-8&dt=Potential%20Evasion%20via%20Windows%20Filtering%20Platform%20%7C%20Elastic%20Security%20Solution%20%5B8.17%5D%20%7C%20Elastic&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=experience_impression&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=695540796.1734931915&tid=UA-12395217-16&_gid=1685083512.1734931915&gtm=457e4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&jsscut=1&z=1176974424

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

age: 44593
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 17:08:41 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ 35 B
94 B 25ms
24ms Image
image/gif 2607:f8b0:400d:c01::66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1613049231&t=event&_s=3&dl=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&ul=en-us&de=UTF-8&dt=Potential%20Evasion%20via%20Windows%20Filtering%20Platform%20%7C%20Elastic%20Security%20Solution%20%5B8.17%5D%20%7C%20Elastic&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=optimizely_decision&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=695540796.1734931915&tid=UA-12395217-16&_gid=1685083512.1734931915&gtm=457e4cc1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&jsscut=1&z=1491286587

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

age: 44593
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 22 Dec 2024 17:08:41 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 core-en.js Show response
cdn.iubenda.com/cookie_solution/iubenda_cs/1.72.0/ 353 KB
69 KB 35ms
35ms Script
application/javascript 2400:52e0:1a00::1206:2
BunnyCDN BUNNYWAY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.72.0/core-en.js

Requested by

Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cs/iubenda_cs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a00::1206:2 Chicago, United States, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),

Reverse DNS

Software

BunnyCDN-IL1-1206 /

Resource Hash

db76291a3a5ecdfecef360ea07a2f2b2912c77b92b964d1d2c6f7a3ddedb3ccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

cdn-status: 200
content-encoding: br
etag: "67657579-1121e"
expires: Sat, 20 Dec 2025 14:14:31 GMT
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
date: Mon, 23 Dec 2024 05:31:54 GMT
last-modified: Fri, 20 Dec 2024 13:47:37 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains
cdn-cachedat: 12/20/2024 14:14:31
cache-control: public, must-revalidate, proxy-revalidate, max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
cdn-requestid: 4c0aa279c33a4fd48883c12dd6f9d998
cdn-pullzone: 954456
cdn-proxyver: 1.07
access-control-allow-origin: *
cdn-edgestorageid: 1232
server: BunnyCDN-IL1-1206
cdn-requestcountrycode: US

GET
H2 200 67332803.js Show response
cs.iubenda.com/cookie-solution/confs/js/ 225 B
760 B 168ms
25ms Script
application/javascript 2400:52e0:1a00::1207:2
BunnyCDN BUNNYWAY

General

Check archive.org

Show headers Download Go to

Full URL

https://cs.iubenda.com/cookie-solution/confs/js/67332803.js

Requested by

Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.72.0/core-en.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a00::1207:2 Chicago, United States, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),

Reverse DNS

Software

BunnyCDN-IL1-1207 /

Resource Hash

f5f8f019ca0c97772bb8ffc2a310e0697f9525613e48b0f951fa3ec57bc55086

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

cdn-status: 200
content-encoding: br
etag: "6734c963-e1"
expires: Wed, 13 Nov 2024 16:47:07 GMT
date: Mon, 23 Dec 2024 05:31:55 GMT
last-modified: Wed, 13 Nov 2024 15:44:35 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains
cdn-cachedat: 11/13/2024 15:47:08
cache-control: public, max-age=3600
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
cdn-requestid: 0cb411baea75db01f076dd9761f0c95f
access-control-allow-credentials: true
cdn-pullzone: 1019485
cdn-proxyver: 1.06
access-control-allow-origin: *
cdn-edgestorageid: 1207
server: BunnyCDN-IL1-1207
cdn-requestcountrycode: US

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
385 B 96ms
29ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/18132920325.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.elastic.co/

Response headers

x-request-id: 12999bfa-db0a-4b88-9aae-b2db47b01f98
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
via: 1.1 google
access-control-allow-origin: https://www.elastic.co
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: text/plain
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict

POST
H3 200 collect
www.google.com/ccm/ 0
0 80ms
30ms Ping
text/plain 2607:f8b0:400d:c01::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&scrsrc=www.googletagmanager.com&frm=0&rnd=1235930331.1734931915&dt=Potential%20Evasion%20via%20Windows%20Filtering%20Platform%20%7C%20Elastic%20Security%20Solution%20%5B8.17%5D%20%7C%20Elastic&auid=659551645.1734931915&navt=n&npa=0&gtm=45He4cc1v865912973za200&gcs=G111&gcd=13n3n3n3n5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734931915214&tfd=2117&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c01::63 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 372 KB
123 KB 24ms
24ms Script
application/javascript 2607:f8b0:400d:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7TEQDPTH5&l=dataLayer&cx=c&gtm=45He4cc1v865912973za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c18ed74d8965918c1e74e0ee16402b0e83f75de89d69ce4fb80068d7e1f66ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 23 Dec 2024 05:31:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 126050
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
26 B 24ms
23ms XHR
text/plain 2607:f8b0:400d:c01::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1613049231&t=pageview&_s=1&dl=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&ul=en-us&de=UTF-8&dt=Potential%20Evasion%20via%20Windows%20Filtering%20Platform%20%7C%20Elastic%20Security%20Solution%20%5B8.17%5D%20%7C%20Elastic&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiUABBAAAACAAI~&jid=501282967&gjid=130265991&cid=695540796.1734931915&tid=UA-12395217-10&_gid=1685083512.1734931915&_slc=1&gtm=45He4cc1n81KNJMG2Mv865912973za200&gcd=13n3n3n3n5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cd18=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&cd23=695540796.1734931915&gcs=G111&z=1733928458

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.elastic.co/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 05:31:55 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.elastic.co
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
361 B 24ms
23ms XHR
text/plain 2607:f8b0:400d:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-12395217-10&cid=695540796.1734931915&jid=501282967&gjid=130265991&_gid=1685083512.1734931915&_u=aCDAiUABBAAAAGAAI~&z=1207501755

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.elastic.co/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 05:31:55 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin: https://www.elastic.co
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
0 0ms
0ms Script
text/javascript 2607:f8b0:400d:c01::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::66 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

content-encoding: gzip
age: 5117
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Mon, 23 Dec 2024 06:06:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 04:06:37 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 160ms
29ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5D3B7A41735C437C88B031D28AE93D65 Ref B: EWR30EDGE1614 Ref C: 2024-12-23T05:31:55Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET qevents.js
a.quora.com/ 0
0

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 57 KB
16 KB 97ms
9ms Script
application/javascript 151.101.44.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.44.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "4328e910de583ad53b3a7a76455af005+gzip+gzip"
accept-ranges: bytes
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15926
date: Mon, 23 Dec 2024 05:31:55 GMT
x-tw-cdn: FT
last-modified: Tue, 29 Oct 2024 01:22:31 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kiad7000145-IAD, cache-nyc-kteb1890049-NYC
x-amz-server-side-encryption: AES256

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 43 KB
13 KB 40ms
9ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 10429db431cbd2fc042c7397c8f1e62996d636ddeef2702c912d9fb7fc650c35

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

cache-control: public, max-age=60
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding: gzip
etag: "1a001f3a066bff47a766099b87253911"
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 12220
date: Mon, 23 Dec 2024 05:31:55 GMT
last-modified: Mon, 18 Nov 2024 21:16:35 GMT
content-type: application/javascript
vary: Accept-Encoding,Origin
server: snooserv
x-amz-server-side-encryption: AES256

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 19 KB
7 KB 230ms
16ms Script
application/javascript 2600:1408:c400:5::17c7:3716
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:5::17c7:3716 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

6c0d4e3bd890a4bf01c9a301d3e3ff127af22636c4f94250cc230815eb701593

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

cache-control: max-age=31541
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 7404
date: Mon, 23 Dec 2024 05:31:55 GMT
last-modified: Wed, 18 Dec 2024 08:42:17 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H3 200 9541.js Show response
script.crazyegg.com/pages/scripts/0107/ 0
245 B 128ms
22ms Script
application/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0107/9541.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

server: cloudflare
cache-control: public, max-age=86400, s-maxage=86400
cf-cache-status: HIT
age: 47335
cf-ray: 8f65f7d6ed73c33a-EWR
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: application/javascript
last-modified: Sun, 22 Dec 2024 16:16:08 GMT
vary: Accept-Encoding
priority: u=3,i=?0

GET
H2 200 e8eb94c57118720c.min.js Show response
tag.demandbase.com/ 61 KB
18 KB 101ms
17ms Script
application/javascript 18.160.10.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/e8eb94c57118720c.min.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.10.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-76.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bb657d41beed373e37cbc0f719bd28fb44c2028e12eac21e7e285c40a7a602d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

content-encoding: gzip
x-amz-version-id: E.7bc6VFj9ROCw9QX9uTTQn6tjf2YHMo
etag: W/"a081a4498e6922853c381ebfb7ea32ef"
age: 1020
x-cache: Hit from cloudfront
x-amz-cf-id: aofnTSOCpvglH6PsWoIrrwFVtDvk4PzEZ3dJ0yaXwTF-T6zr75jpaQ==
date: Mon, 23 Dec 2024 05:14:56 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
last-modified: Fri, 15 Nov 2024 20:23:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=3600
via: 1.1 7375f2360b80ec8c602f04aa2cc7a57c.cloudfront.net (CloudFront)
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-pop: IAD12-P3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 deployment.js Show response
lift-ai-js.marketlinc.com/elastic.co/ 12 KB
3 KB 157ms
52ms Script
application/javascript 18.160.10.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lift-ai-js.marketlinc.com/elastic.co/deployment.js?996244265
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-85.iad12.r.cloudfront.net
Software: Apache/2.4.62 () OpenSSL/1.0.2k-fips /
Resource Hash: b30772367b2f48b92b53a9518ca522f78b5aad66069413084cfa06424b68d85a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

cache-control: no-cache="set-cookie"
content-encoding: gzip
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 2875
x-amz-cf-id: PwXv9Qg55f2IAFcfsTVqZ63TGtD77vJnQKJsnY8R1uHECIasl7NrXA==
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: application/javascript
x-amz-cf-pop: IAD12-P3
server: Apache/2.4.62 () OpenSSL/1.0.2k-fips

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 79ms
16ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-eNm4AZ9r' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-eNm4AZ9r' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=23, mss=1232, tbw=4510, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: NuwYBjJfL7TYtbli1scroxPos5Os8l09vv5Ph8a00uCuAbnIZv6mEQe/sA9YR7rOKEkfFMfBBG56tJhTXewuoQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62282
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 15 KB
6 KB 112ms
20ms Script
application/javascript 3.167.72.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.72.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-72-96.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb19cc9bb9e4e0f0237ee1f0c213487452c77e6f9fa6fa9edcb87f4de9f0c21a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

Transfer-Encoding: chunked
Vary: accept-encoding
Content-Encoding: gzip
ETag: W/"dd635a85604f92ec6b3a600d010dd4e3"
Age: 62497
Connection: keep-alive
Via: 1.1 b7cdad11a8da074c3364a379749f7320.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: JebXwaWMmmZgz04z9zTH9yAepcgbKVm2CT53RptBB5P64nqQ7U_rvw==
Date: Sun, 22 Dec 2024 12:10:19 GMT
Content-Type: application/javascript
Last-Modified: Sun, 22 Dec 2024 12:09:11 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD61-P6
x-amz-server-side-encryption: AES256

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=1&add=35414607
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D1%26add%3D35414607

0
1 KB

62ms
60ms

Script
application/javascript

68.67.179.164
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D1%26add%3D35414607

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Server

68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.132; 5.181.234.132; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: b294be13-e301-44d0-848d-1133e216c2f8
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Mon, 23 Dec 2024 05:31:55 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D1%26add%3D35414607
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.132; 5.181.234.132; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: e8460981-d1a6-4589-b2ec-2dc9222cbeb9
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Mon, 23 Dec 2024 05:31:55 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
2 KB 96ms
15ms Script
application/x-javascript 23.13.172.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.13.172.203 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-13-172-203.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2091f1ff92cc073e178dca31707853e0cc6cd913a5344a8978f040fa373efa6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

Content-Encoding: gzip
ETag: "e75e5ba140b1c7e6ea79786633c1ba0d:1731465879.778595"
Connection: keep-alive
Accept-Ranges: bytes
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Length: 741
Date: Mon, 23 Dec 2024 05:31:55 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 13 Nov 2024 02:44:39 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H/1.1 200
OK rtp.js Show response
sjrtp2-cdn.marketo.com/rtp-api/v1/ 0
416 B 436ms
240ms Script
application/x-javascript 23.13.165.166
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sjrtp2-cdn.marketo.com/rtp-api/v1/rtp.js?aid=elasticco

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.13.165.166 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-13-165-166.deploy.static.akamaitechnologies.com

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

Strict-Transport-Security: max-age=63113904
Content-Length: 0
Date: Mon, 23 Dec 2024 05:31:55 GMT
Content-Type: application/x-javascript; charset=UTF-8
Server: Jetty(9.4.45.v20220203)
Connection: keep-alive

GET
H2 200 ping.min.js Show response
pixel.byspotify.com/ 24 KB
24 KB 72ms
7ms Script
text/javascript 34.117.162.98
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.byspotify.com/ping.min.js
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.162.98 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 98.162.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c68a273bf2b08c99c46ac43d1059b8067818b3b889fa890b068d942a957a000c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=NtYn9w==, md5=oynavh2gmdRzy/fdj9RC1Q==
etag: "a329dabe1da099d473cbf7dd8fd442d5"
age: 442
x-goog-stored-content-encoding: identity
expires: Mon, 23 Dec 2024 06:24:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 24187
date: Mon, 23 Dec 2024 05:24:33 GMT
last-modified: Wed, 04 Dec 2024 19:07:47 GMT
content-type: text/javascript
x-guploader-uploadid: AFiumC51A8w7di-6RIRYzp1-UUYNzQy2fhUp-mxMT4wM8sdrjXgK3dDP4JjKNEqRB8BJS8oI1PK-hHo
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
via: 1.1 google
accept-ranges: bytes
x-goog-generation: 1733339267254009
content-length: 24187
server: UploadServer

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 121ms
39ms Script
text/javascript 2606:4700::6812:1247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk.techtarget.com/tracking.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=1200
content-encoding: br
cf-cache-status: HIT
age: 80102
via: 1.1 google
cf-ray: 8f65f7d768d34373-EWR
expires: Mon, 23 Dec 2024 05:51:55 GMT
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: text/javascript
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 287 KB
78 KB 76ms
10ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 33043b90f8bc0d6257226403ce514e3201170d7729ed94b7e0ffb042168a3b91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.elastic.co
Referer: https://www.elastic.co/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: br
x-goog-hash: crc32c=Lb9z8w==, md5=/X7adg+Vx/FiHAQcO5/9cw==
etag: "fd7eda760f95c7f1621c041c3b9ffd73"
age: 606
x-goog-stored-content-encoding: br
expires: Mon, 23 Dec 2024 06:21:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 79354
date: Mon, 23 Dec 2024 05:21:49 GMT
last-modified: Wed, 18 Dec 2024 15:18:52 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC4gPiYAVXaBRBoTh_95IbLLAhq2g-Zxv4hPBtDLkBedVIbKBrSLiWtAxp-70960rq11
cache-control: public, max-age=3600,no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1734535132625862
content-length: 79354
server: UploadServer

GET
H2 200 / Show response
sdk.userledclient.io/ 44 KB
17 KB 202ms
19ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.userledclient.io/?appId=7f7022a8-1ebb-42d3-ae33-0cd49373b570&snippetVersion=4.0.0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

75fb488f98ae1594689962f9479fad74b3373d31ab79e3edd522508ad68b9fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.elastic.co
Referer: https://www.elastic.co/

Response headers

strict-transport-security: max-age=63072000
cache-control: max-age=0
content-encoding: br
x-vercel-cache: HIT
age: 72145
access-control-allow-credentials: true
access-control-allow-methods: GET,OPTIONS,PATCH,DELETE,POST,PUT
access-control-allow-origin: *
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: application/javascript
server: Vercel
x-vercel-id: iad1::fpkrb-1734931915439-ceb62a96a6ff
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, Authorization

GET
H2 200 pixel
q.quora.com/_/ad/5ff74fd61aa34eff83665499b5a912ce/ 43 B
285 B 119ms
31ms Image
image/gif 162.159.152.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/5ff74fd61aa34eff83665499b5a912ce/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.152.17 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-q-stat: ,20458caf9c0f9ba3c6972890f0d578e8,10.0.0.235,29230,5.181.234.132,,442686639483,1,1734931915.511,0.001,,.,0,0,0.000,0.004,-,0,0,203,265,132,10,26847,,,,,,-,
cf-ray: 8f65f7d7dfaa43d9-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: image/gif
server: cloudflare

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame DE99 0
0 65ms
23ms Document
text/html 2607:f8b0:400d:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.elastic.co

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 56595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sun, 22 Dec 2024 13:48:40 GMT
expires: Mon, 22 Dec 2025 13:48:40 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csdata Show response
idb.iubenda.com/ 0
606 B 291ms
127ms XHR
text/plain 2400:52e0:1a00::1207:2
BunnyCDN BUNNYWAY

General

Check archive.org

Show headers Download Go to

Full URL

https://idb.iubenda.com/csdata?db=hits1

Requested by

Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.72.0/core-en.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1a00::1207:2 Chicago, United States, ASN200325 (BunnyCDN BUNNYWAY, informacijske storitve d.o.o., SI),

Reverse DNS

Software

BunnyCDN-IL1-1207 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.elastic.co/

Response headers

access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
date: Mon, 23 Dec 2024 05:31:55 GMT
cdn-cachedat: 12/23/2024 05:31:55
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cdn-requestpullcode: 204
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=0
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
x-influxdb-build: OSS
access-control-allow-credentials: true
cdn-pullzone: 967785
cdn-proxyver: 1.06
cdn-requestid: 37e5a1aa5a2862e43d2ac0fe72ebf532
access-control-allow-origin: *
x-influxdb-version: v2.7.5
cdn-edgestorageid: 1207
server: BunnyCDN-IL1-1207
cdn-requestcountrycode: US

GET
H2 200 config Show response
pixel-config.reddit.com/pixels/a2_dzxpwixmjt9l/ 3 B
124 B 67ms
10ms XHR
application/json 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-config.reddit.com/pixels/a2_dzxpwixmjt9l/config
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

cache-control: max-age=14400
content-encoding: gzip
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: application/json

GET
H2 200 a2_dzxpwixmjt9l_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
700 B 39ms
20ms XHR
application/json 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_dzxpwixmjt9l_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

cache-control: max-age=300
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding: gzip
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 98
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: application/json
vary: Accept-Encoding,Origin
server: snooserv

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 80ms
20ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1734931915311&id=a2_dzxpwixmjt9l&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=890ae2e5-f388-4b7b-a9ca-c7236c0120b4&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_b192616d&dpm=&dpcc=&dprc=
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after: 0
cross-origin-resource-policy: cross-origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via: 1.1 varnish
accept-ranges: bytes
content-length: 42
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: image/gif
server: Varnish

POST
H3 200 collect
www.google.com/ccm/ 0
0 42ms
41ms Ping
text/plain 2607:f8b0:400d:c01::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=user_id_update&dl=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&scrsrc=www.googletagmanager.com&frm=0&rnd=1235930331.1734931915&dt=Potential%20Evasion%20via%20Windows%20Filtering%20Platform%20%7C%20Elastic%20Security%20Solution%20%5B8.17%5D%20%7C%20Elastic&auid=659551645.1734931915&navt=n&npa=0&ga_uid=G-Q7TEQDPTH5.eb5625d4-f733-486a-9fed-814c7f818623&gtm=45He4cc1v865912973za200&gcs=G111&gcd=13n3n3n3n5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734931915351&tfd=2253&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c01::63 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

POST
H2 204 collect
analytics.google.com/g/ 0
0 26ms
25ms Fetch
text/plain 2607:f8b0:4004:c09::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Q7TEQDPTH5&gtm=45je4cc1v884236656z8865912973za200zb865912973&_p=1734931914182&_gaz=1&gcs=G111&gcd=13n3n3n3n5l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=695540796.1734931915&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AAAACA&_s=1&uid=eb5625d4-f733-486a-9fed-814c7f818623&sid=1734931915&sct=1&seg=0&dl=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&dt=Potential%20Evasion%20via%20Windows%20Filtering%20Platform%20%7C%20Elastic%20Security%20Solution%20%5B8.17%5D%20%7C%20Elastic&en=page_view&_fv=1&_ss=1&ep.page_template=&ep.canonical_tag=null&ep.eu_id=eb5625d4-f733-486a-9fed-814c7f818623&ep.user_agent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&ep.team=Docs&ep.page_category_dl=Elastic%20Security%20Solution%20%5B8.17%5D&ep.page_clean=www.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&ep.page_author=&ep.page_category=&ep.page_keywords=&ep.page_date_published=&ep.page_date_modified=&tfd=2259
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.elastic.co
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: text/plain
server: Golfe2

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
20 B 27ms
26ms Ping
text/plain 2607:f8b0:400d:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Q7TEQDPTH5&cid=695540796.1734931915&gtm=45je4cc1v884236656z8865912973za200zb865912973&aip=1&uid=eb5625d4-f733-486a-9fed-814c7f818623&dma=0&gcs=G111&gcd=13n3n3n3n5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q7TEQDPTH5&l=dataLayer&cx=c&gtm=45He4cc1v865912973za200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c09::9b Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.elastic.co
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame ED1E 0
0 37ms
26ms Document
text/html 2607:f8b0:4004:c19::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-Q7TEQDPTH5&gacid=695540796.1734931915&gtm=45je4cc1v884236656z8865912973za200zb865912973&dma=0&gcs=G111&gcd=13n3n3n3n5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=967767374

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q7TEQDPTH5&l=dataLayer&cx=c&gtm=45He4cc1v865912973za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elastic.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Dec 2024 05:31:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adsct
t.co/1/i/ 43 B
629 B 217ms
163ms Image
image/gif 172.66.0.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&dv=Pacific%2FHonolulu%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2648%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=5e7865a4-daf7-4741-be42-8fab57e3cc54&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=bec69e38-8edb-42c9-b84d-3ae1d154da78&tw_document_href=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&tw_iframe_status=0&txn_id=o50k2&type=javascript&version=2.3.31

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

strict-transport-security: max-age=0
x-transaction-id: b7d239f2e2438b8f
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 2ac38f39f986ab8bb52f64e9960c7465600ddebb2f211a869d52a018b273a1d3
cf-cache-status: DYNAMIC
cf-ray: 8f65f7d7ccd8c325-EWR
x-response-time: 85
content-length: 43
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_b

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
724 B 252ms
116ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&dv=Pacific%2FHonolulu%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2648%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=5e7865a4-daf7-4741-be42-8fab57e3cc54&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=bec69e38-8edb-42c9-b84d-3ae1d154da78&tw_document_href=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&tw_iframe_status=0&txn_id=o50k2&type=javascript&version=2.3.31

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: e0e2935df5439b8e
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 4a8880cf26eb463cc0f8c9f0982ebf62efc1ff5e864ea4d5c40fc4c6cda2e7a8
x-response-time: 79
content-length: 43
date: Mon, 23 Dec 2024 05:31:54 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_b

GET
H3 200 1636465863246433 Show response
connect.facebook.net/signals/config/ 70 KB
14 KB 20ms
20ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1636465863246433?v=2.9.179&r=stable&domain=www.elastic.co&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

60f9a74ca55a90a2ffa552e341398a8cc069918ce87a1c16af8fdcca5cef4ae9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-3vhpXooo' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-3vhpXooo' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=77, mss=1232, tbw=71260, tp=67, tpl=0, uplat=3, ullat=-1
pragma: public
x-fb-debug: 8jnQpBFOwV14cZFUoP+xAD0VG3aGX/iuL8cfX56v3pMx8FUUz3HnXs1bTUFF6EK8foLKsvRyUMphxQlJrcPe5g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 14292
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 sync
s.company-target.com/s/ Frame 0CA6 0
0 99ms
17ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.company-target.com/s/sync?exc=lr

Requested by

Host: tag.demandbase.com
URL: https://tag.demandbase.com/e8eb94c57118720c.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

22.71.96.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.elastic.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Mon, 23 Dec 2024 05:31:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google

GET
H/1.1

200
OK

log
segments.company-target.com/
Redirect Chain

https://id.rlcdn.com/464526.gif
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCMvro7sGEgUI6AcQAEIASgA
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc12976elBUGAV2VPeY7NZXH2EjHOcEtsa44GzKt4SjIEe7_k

26 B
348 B

111ms
18ms

Image
image/gif

99.84.188.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/log?vendor=liveramp&user_id=Xc12976elBUGAV2VPeY7NZXH2EjHOcEtsa44GzKt4SjIEe7_k
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html
Protocol: HTTP/1.1
Server: 99.84.188.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-188-59.iad89.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

Connection: keep-alive
Via: 1.1 32c5b7040885724e78019cc31f0ef3e8.cloudfront.net (CloudFront)
X-Cache: Miss from cloudfront
Content-Length: 26
X-Amz-Cf-Id: 9c9Z5CUlKfKi3hCEb4RFIWMkdqleMaT4fBcHPY8CWhN9oynOagCA-w==
Date: Mon, 23 Dec 2024 05:31:55 GMT
Content-Type: image/gif
X-Amz-Cf-Pop: IAD89-C2

Redirect headers

cache-control: no-cache, no-store
timing-allow-origin: *
location: https://segments.company-target.com/log?vendor=liveramp&user_id=Xc12976elBUGAV2VPeY7NZXH2EjHOcEtsa44GzKt4SjIEe7_k
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 0
date: Mon, 23 Dec 2024 05:31:55 GMT

POST
H2 200 ip.json Show response
api.company-target.com/api/v3/ 491 B
1 KB 138ms
45ms XHR
application/json 108.138.85.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.company-target.com/api/v3/ip.json?referrer=&page=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&page_title=Potential%20Evasion%20via%20Windows%20Filtering%20Platform%20%7C%20Elastic%20Security%20Solution%20%5B8.17%5D%20%7C%20Elastic

Requested by

Host: tag.demandbase.com
URL: https://tag.demandbase.com/e8eb94c57118720c.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.85.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-85-68.iad12.r.cloudfront.net

Software

nginx /

Resource Hash

4d9cffcc2365a3bd401c73a2d2e5f769c1730cdeb289dab56fe185ecd6279ec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.elastic.co/

Response headers

access-control-max-age: 7200
access-control-expose-headers: x-amz-cf-id
content-encoding: gzip
identification-source: CENTRAL
access-control-allow-methods: GET, POST, OPTIONS
request-id: f793d7a8-9209-4afb-bb5d-885d87ec8a0c
expires: Sun, 22 Dec 2024 05:31:55 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: qpCv_dCHC_smNsxKXZ2StoEMjq0qOHJNUTMe33KudkZ9vhcVqtnNgQ==
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
api-version: v3
access-control-allow-credentials: true
via: 1.1 22ab92a35add26b3d8027870bbb6c672.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.elastic.co
x-amz-cf-pop: IAD12-P2
server: nginx

GET
H2 200 snippet.js Show response
lift-ai-js.marketlinc.com/elastic.co/ 36 KB
9 KB 55ms
55ms Script
application/javascript 18.160.10.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lift-ai-js.marketlinc.com/elastic.co/snippet.js?viewId=62108688
Requested by: Host: lift-ai-js.marketlinc.com
URL: https://lift-ai-js.marketlinc.com/elastic.co/deployment.js?996244265
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-85.iad12.r.cloudfront.net
Software: Apache/2.4.62 () OpenSSL/1.0.2k-fips /
Resource Hash: b6ed42ca1b84ceed338f85ea04e9096b9aa362acd9132cfa73bf0c426468e3be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

cache-control: no-cache="set-cookie"
content-encoding: gzip
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 9019
x-amz-cf-id: VQVNYjzevxBrUfYTD_mMqrkTsgIsy4sO-4bOSGwnXEcyQuoaFJvGng==
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: application/javascript
x-amz-cf-pop: IAD12-P3
server: Apache/2.4.62 () OpenSSL/1.0.2k-fips

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 24ms
23ms Script
application/x-javascript 23.13.172.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.13.172.203 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-13-172-203.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

Cache-Control: max-age=8640000
Content-Encoding: gzip
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Connection: keep-alive
Expires: Wed, 02 Apr 2025 05:31:55 GMT
Accept-Ranges: bytes
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Length: 4741
Date: Mon, 23 Dec 2024 05:31:55 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2 200 _commonjsHelpers-d3605e28.js Show response
sdk.userledclient.io/assets/ 5 KB
2 KB 20ms
17ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.userledclient.io/assets/_commonjsHelpers-d3605e28.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0c48e80aa2113e394c763b318acd8eb0657750aea7560b48f680f7103295e96c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.elastic.co
Referer: https://sdk.userledclient.io/?appId=7f7022a8-1ebb-42d3-ae33-0cd49373b570&snippetVersion=4.0.0

Response headers

strict-transport-security: max-age=63072000
cache-control: public, max-age=0, must-revalidate
content-encoding: br
x-vercel-cache: HIT
etag: W/"2659bd62922b2a144fae9e79c8a2e12c"
age: 264900
access-control-allow-origin: *
date: Mon, 23 Dec 2024 05:31:55 GMT
content-disposition: inline; filename="_commonjsHelpers-d3605e28.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:02:38 GMT
x-vercel-id: iad1::njmwj-1734931915530-0b9a381093c7

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
438 B 39ms
37ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=16579567&r=1734931915521&ref=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&version=2.4
Requested by: Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
ibc_rate_tier: 16579567
Referer: https://www.elastic.co/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-encoding: identity
expires: Mon, 23 Dec 2024 06:31:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 43
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: image/gif
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
vary: Origin
x-guploader-uploadid: AFiumC6Pv1BoOzz9oj3c7hB2zc5r7mYSzlxMArlEcGBh9wAoyRVTdRKx2ynUs5ZHolcyLnbp
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
via: 1.1 google
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1670534369365034
content-length: 43
server: nginx/1.20.2

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 101ms
27ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=16579567&r=1734931915521&ref=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://www.elastic.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 23 Dec 2024 05:31:55 GMT
expires: Mon, 23 Dec 2024 05:31:55 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: AFiumC4hHmSAfzhNmDywCOrAANCgX-eRKxXqGG9Gu8U8cSgYutaTJVcWiusMaOACaBcKO9Xu

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 16ms
16ms Script
application/javascript 2600:1408:c400:5::17c7:3716
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:5::17c7:3716 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

cache-control: max-age=34768
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14634
date: Mon, 23 Dec 2024 05:31:55 GMT
last-modified: Mon, 02 Dec 2024 19:22:52 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 web Show response
edge.fullstory.com/s/settings/o-1YRR3Q-na1/v1/ 8 KB
2 KB 34ms
31ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/o-1YRR3Q-na1/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 40a116c2adb92f795d5f1d0ed1020cbc9bdf304a672124295b637e1dcaed3862

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=1xTDBg==, md5=CTGw73ZBBC+A0cOF2HKEng==
etag: "0931b0ef7641042f80d1c385d872849e"
age: 0
x-goog-stored-content-encoding: gzip
expires: Mon, 23 Dec 2024 05:46:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1599
date: Mon, 23 Dec 2024 05:31:55 GMT
last-modified: Mon, 23 Dec 2024 05:28:27 GMT
content-type: application/json
x-guploader-uploadid: AFiumC6-gdA7pItxPoPW5ZKGM4AbCVt31yHH3uYxv6FMaUE-owiedd6avLZB_y0DFKl7q-7vPVBPlYI
cache-control: public,max-age=900,no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1734930807185945
content-length: 1599
server: UploadServer

GET
H2 200 5425009.js Show response
bat.bing.com/p/action/ 363 B
423 B 23ms
23ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5425009.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4922a8859b315c354c23ad278e35483c6cf29aebf1c509c2c928c1f41634fe43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D959129895E24EA3BBED0CCE1D425FC1 Ref B: EWR30EDGE1614 Ref C: 2024-12-23T05:31:55Z
x-cache: CONFIG_NOCACHE
date: Mon, 23 Dec 2024 05:31:54 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 36ms
15ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1636465863246433&ev=PageView&dl=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&rl=&if=false&ts=1734931915611&cd[referrer]=&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734931915610.38111252596924603&ler=empty&cdl=API_unavailable&it=1734931915450&coo=false&rqm=GET

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=4558, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 178ms
158ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1636465863246433&ev=PageView&dl=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&rl=&if=false&ts=1734931915611&cd[referrer]=&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734931915610.38111252596924603&ler=empty&cdl=API_unavailable&it=1734931915450&coo=false&rqm=FGET

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7451475836867511364"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: kpyzeR4eoCZJQjHLdXdLPSt3mNsAs+oJj4tvvFZ1ZbsM55ZnB4ABqD2AzcEOR1kBML3rLDmoosDnnA09UDGkrw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7451475836867511364", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=4926, tp=13, tpl=0, uplat=142, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

OPTIONS
H2 200 ingest
pixels.spotify.com/v1/ Frame 0
0 120ms
29ms Preflight 2600:1901:1:7c5::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.spotify.com/v1/ingest
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:1:7c5:: , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.elastic.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: https://www.elastic.co
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 23 Dec 2024 05:31:55 GMT
server: envoy
vary: Accept-Encoding
via: HTTP/2 edgeproxy, 1.1 google

POST
H2 200 ingest Show response
pixels.spotify.com/v1/ 52 B
271 B 35ms
33ms Fetch
application/json 2600:1901:1:7c5::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pixels.spotify.com/v1/ingest

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:7c5:: , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

envoy /

Resource Hash

e15377387c329960f9746b4232e4c0f49083c411ac5ba9d51ac3cb45f0648f36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000
grpc-status: 0
content-encoding: gzip
x-envoy-upstream-service-time: 1
x-content-type-options: nosniff
via: HTTP/2 edgeproxy, 1.1 google
grpc-accept-encoding: gzip,x-snappy-framed
access-control-allow-origin: https://www.elastic.co
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: application/json
vary: Accept-Encoding
grpc-encoding: identity
server: envoy

POST
H/1.1 200
OK visitWebPage
813-mam-392.mktoresp.com/webevents/ 2 B
482 B 456ms
84ms Ping
text/plain 134.213.193.62
RACKSPACE-LON Rac...

General

Check archive.org

Show headers Download Go to

Full URL: https://813-mam-392.mktoresp.com/webevents/visitWebPage?_mchNc=1734931915626&_mchCn=&_mchId=813-MAM-392&_mchTk=_mch-elastic.co-1734931915624-48081&_mchHo=www.elastic.co&_mchPo=&_mchRu=%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 134.213.193.62 , United Kingdom, ASN15395 (RACKSPACE-LON Rackspace Ltd., GB),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

Transfer-Encoding: chunked
X-Request-Id: 21db9cb4-4a6e-4dfb-a867-09f7f7fedb63
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Origin: *
Date: Mon, 23 Dec 2024 05:31:56 GMT
Content-Type: text/plain; charset=UTF-8
Server: nginx/1.20.1

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 293 KB
100 KB 33ms
32ms Script
application/javascript 2607:f8b0:400d:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-985891458&l=dataLayer&cx=c&gtm=45He4cc1v865912973za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNJMG2M

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ac712fe492d93f3dd48b77163ce308f466c94b2faeb62ff640fc3c437c62d30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Mon, 23 Dec 2024 05:31:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 23 Dec 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 102548
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
425 B 134ms
28ms XHR
text/html 2600:9000:2009:b400:1d:8d6d:3b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=qpCv_dCHC_smNsxKXZ2StoEMjq0qOHJNUTMe33KudkZ9vhcVqtnNgQ==&api-version=v3
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/e8eb94c57118720c.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2009:b400:1d:8d6d:3b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
etag: "d41d8cd98f00b204e9800998ecf8427e"
age: 77174
alt-svc: h3=":443"; ma=86400
x-cache: Error from cloudfront
x-amz-cf-id: 3Ed3lYD_CHONnI-kp5cvAtSa3ZMaFxhcJWBdQxmCa8pQMJJVQupFWQ==
date: Sun, 22 Dec 2024 08:05:42 GMT
content-type: text/html
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
via: 1.1 176468abf50e2f86186eec9185a1ae22.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-amz-cf-pop: IAD66-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 visitor-scoring Show response
visitor-scoring-new.marketlinc.com/ 187 B
365 B 81ms
80ms XHR
application/json 3.234.118.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor-scoring-new.marketlinc.com/visitor-scoring
Requested by: Host: lift-ai-js.marketlinc.com
URL: https://lift-ai-js.marketlinc.com/elastic.co/snippet.js?viewId=62108688
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.118.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-118-14.compute-1.amazonaws.com
Software: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: 401b28c618e9ba1d2ea1fbed8fe4249d3edd193fd747f7e2ce01bc5ccd2780bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.elastic.co/

Response headers

expires: -1
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: application/json
server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8

OPTIONS
H2 200 visitor-scoring
visitor-scoring-new.marketlinc.com/ Frame 0
0 152ms
17ms Preflight 3.234.118.14
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://visitor-scoring-new.marketlinc.com/visitor-scoring
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.118.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-118-14.compute-1.amazonaws.com
Software: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.elastic.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
content-encoding: gzip
content-length: 0
date: Mon, 23 Dec 2024 05:31:55 GMT
server: Apache/2.4.62 (Amazon Linux) OpenSSL/3.0.8

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
303 B 103ms
58ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elastic.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 3B184F164F78418FB4A15091A9BF3DCA Ref B: EWR30EDGE0121 Ref C: 2024-12-23T05:31:55Z
x-li-fabric: prod-lva1
access-control-allow-credentials: true
x-li-uuid: AAYp6VCMG6y+nOZr8AYAfA==
x-li-proto: http/2
access-control-allow-origin: https://www.elastic.co
x-cache: CONFIG_NOCACHE
date: Mon, 23 Dec 2024 05:31:55 GMT
vary: Origin

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
764 B 156ms
114ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=501860%2C25986&time=1734931915664&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: *
Referer: https://www.elastic.co/

Response headers

x-li-pop: afd-prod-lor1-x
content-encoding: gzip
x-fs-uuid: 000629e9508c47aeaf22b29d8b6b50ad
x-msedge-ref: Ref A: 7B04AAB5F0054C0E99AC4C833CC3BBE6 Ref B: EWR30EDGE0818 Ref C: 2024-12-23T05:31:55Z
x-li-fabric: prod-lor1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYp6VCMR66vIrKdi2tQrQ==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=501860%2C25986&time=1734931915664&li_adsId=c652aa1e-fe71-4edf-94bb-226453cd507d&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=501860%2C25986&time=1734931915664&li_adsId=c652aa1e-fe71-4edf-94bb-226453cd507d&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D501860%252C25986%26time%3D1734931915664%26li_adsId%3Dc652aa1e-fe71-4edf-94bb-2264...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=501860%2C25986&time=1734931915664&li_adsId=c652aa1e-fe71-4edf-94bb-226453cd507d&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=501860%2C25986&time=1734931915664&li_adsId=c652aa1e-fe71-4edf-94bb-226453cd507d&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurren...

0
147 B

91ms
59ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=501860%2C25986&time=1734931915664&li_adsId=c652aa1e-fe71-4edf-94bb-226453cd507d&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJ9OZ5Nkz0SRQAAAZPyACTG4K3B_TZgl-7N3XzUZZvQ1vrBEM-EGhajPWe63-GF-iTcR-vq3LMecA02zfpahxsFJKVl2wA
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D75039BBD31A47D586F6C05EAD823F30 Ref B: EWR30EDGE0212 Ref C: 2024-12-23T05:31:56Z
x-li-fabric: prod-lva1
x-li-uuid: AAYp6VCREf79PkeBKeO3MQ==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Mon, 23 Dec 2024 05:31:56 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=501860%2C25986&time=1734931915664&li_adsId=c652aa1e-fe71-4edf-94bb-226453cd507d&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJ9OZ5Nkz0SRQAAAZPyACTG4K3B_TZgl-7N3XzUZZvQ1vrBEM-EGhajPWe63-GF-iTcR-vq3LMecA02zfpahxsFJKVl2wA
x-msedge-ref: Ref A: 576B16A8F1D847298BC56E872778C862 Ref B: EWR30EDGE0121 Ref C: 2024-12-23T05:31:55Z
x-li-fabric: prod-lva1
x-li-uuid: AAYp6VCPjipUnFbV+MY+Rg==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Mon, 23 Dec 2024 05:31:55 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
330 B 161ms
120ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=501860%2C25986&time=1734931915666&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: *
Referer: https://www.elastic.co/

Response headers

x-li-pop: afd-prod-lor1-x
content-encoding: gzip
x-fs-uuid: 000629e9508c4fe5d879d21ebeb99bf7
x-msedge-ref: Ref A: A2FDE92C92E047FCA1459AE77A19A84B Ref B: EWR30EDGE0818 Ref C: 2024-12-23T05:31:55Z
x-li-fabric: prod-lor1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYp6VCMT+XYedIevrmb9w==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=501860%2C25986&time=1734931915666&li_adsId=c652aa1e-fe71-4edf-94bb-226453cd507d&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=501860%2C25986&time=1734931915666&li_adsId=c652aa1e-fe71-4edf-94bb-226453cd507d&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D501860%252C25986%26time%3D1734931915666%26li_adsId%3Dc652aa1e-fe71-4edf-94bb-2264...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=501860%2C25986&time=1734931915666&li_adsId=c652aa1e-fe71-4edf-94bb-226453cd507d&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=501860%2C25986&time=1734931915666&li_adsId=c652aa1e-fe71-4edf-94bb-226453cd507d&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurren...

0
488 B

118ms
58ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=501860%2C25986&time=1734931915666&li_adsId=c652aa1e-fe71-4edf-94bb-226453cd507d&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKId8jLDm7i0AAAAZPyACSzYvofeMA1PbiGpYTvOUO3oX07jcwEeaPICV6IEAaOWqWFGsUs0tTdb4oLxT2uO_1yxaS5so4
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 2C102FAD4A15420590919C01EB39F9B4 Ref B: EWR30EDGE0212 Ref C: 2024-12-23T05:31:56Z
x-li-fabric: prod-lva1
x-li-uuid: AAYp6VCREW/3D+SntXKvnA==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Mon, 23 Dec 2024 05:31:56 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=501860%2C25986&time=1734931915666&li_adsId=c652aa1e-fe71-4edf-94bb-226453cd507d&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQKId8jLDm7i0AAAAZPyACSzYvofeMA1PbiGpYTvOUO3oX07jcwEeaPICV6IEAaOWqWFGsUs0tTdb4oLxT2uO_1yxaS5so4
x-msedge-ref: Ref A: E32745A177C14CFABEC1A04DC1E54E15 Ref B: EWR30EDGE0121 Ref C: 2024-12-23T05:31:55Z
x-li-fabric: prod-lva1
x-li-uuid: AAYp6VCPRGFwHkz8F1vddw==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Mon, 23 Dec 2024 05:31:55 GMT

GET
H2 200 finder-c29405a7.js Show response
sdk.userledclient.io/assets/ 4 KB
2 KB 23ms
21ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.userledclient.io/assets/finder-c29405a7.js

Requested by

Host: sdk.userledclient.io
URL: https://sdk.userledclient.io/?appId=7f7022a8-1ebb-42d3-ae33-0cd49373b570&snippetVersion=4.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e033e85d73341ad1aa961831ba67f717d1c9e390c2a84b5f277408d147639f72

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.elastic.co
Referer: https://sdk.userledclient.io/?appId=7f7022a8-1ebb-42d3-ae33-0cd49373b570&snippetVersion=4.0.0

Response headers

strict-transport-security: max-age=63072000
cache-control: public, max-age=0, must-revalidate
content-encoding: br
x-vercel-cache: HIT
etag: W/"b4b6bf364be902220898e0b3d99eaabb"
age: 246201
access-control-allow-origin: *
date: Mon, 23 Dec 2024 05:31:55 GMT
content-disposition: inline; filename="finder-c29405a7.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:02:38 GMT
x-vercel-id: iad1::tk4vh-1734931915682-c1bf3e27e6a9

GET
H2 204 0
bat.bing.com/action/ 0
362 B 23ms
22ms Image
text/plain 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5425009&tm=gtm002&Ver=2&mid=818abdf8-11cc-4de4-b169-438bca8bc4c2&bo=1&sid=38f13720c0ef11efaef67bdf8736bd21&vid=38f13ae0c0ef11ef82bdf72e144d3c6f&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Potential%20Evasion%20via%20Windows%20Filtering%20Platform%20%7C%20Elastic%20Security%20Solution%20%5B8.17%5D%20%7C%20Elastic&p=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&r=&lt=1513&evt=pageLoad&sv=1&cdb=AQAQ&rn=515358

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C55B5432889B47F3A758F53E20C3A0D7 Ref B: EWR30EDGE1614 Ref C: 2024-12-23T05:31:55Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 23 Dec 2024 05:31:54 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 1 KB
786 B 155ms
101ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 9915390951dec3c5bea7cce83c477c25eff29a999ac1647411ead97eb36371fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.elastic.co/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://www.elastic.co
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 606
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: application/json; charset=utf-8

GET
BLOB 200
OK 3ced633d-37b0-4b15-91e8-ebd306ef1cc1
https://www.elastic.co/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.elastic.co/3ced633d-37b0-4b15-91e8-ebd306ef1cc1
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif
Content-Length: 43

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/985891458/ 5 KB
2 KB 92ms
44ms Script
text/javascript 2607:f8b0:400d:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/985891458/?random=1734931915742&cv=11&fst=1734931915742&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v895104880z8865912973za201zb865912973&gcd=13n3n3n3n5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&hn=www.googleadservices.com&frm=0&tiba=Potential%20Evasion%20via%20Windows%20Filtering%20Platform%20%7C%20Elastic%20Security%20Solution%20%5B8.17%5D%20%7C%20Elastic&ga_uid=G-Q7TEQDPTH5.eb5625d4-f733-486a-9fed-814c7f818623&npa=0&pscdl=noapi&auid=659551645.1734931915&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=dmb_audience%3DResidential&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-985891458&l=dataLayer&cx=c&gtm=45He4cc1v865912973za200

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c00::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

656314531641ff9e638bff81e8e634099591e409f502c9bfa16f6d2109920854

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2409
date: Mon, 23 Dec 2024 05:31:55 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 985891458
td.doubleclick.net/td/rul/ Frame 1A50 0
0 37ms
37ms Document
text/html 2607:f8b0:4004:c19::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/985891458?random=1734931915742&cv=11&fst=1734931915742&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v895104880z8865912973za201zb865912973&gcd=13n3n3n3n5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&hn=www.googleadservices.com&frm=0&tiba=Potential%20Evasion%20via%20Windows%20Filtering%20Platform%20%7C%20Elastic%20Security%20Solution%20%5B8.17%5D%20%7C%20Elastic&ga_uid=G-Q7TEQDPTH5.eb5625d4-f733-486a-9fed-814c7f818623&npa=0&pscdl=noapi&auid=659551645.1734931915&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=dmb_audience%3DResidential

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-985891458&l=dataLayer&cx=c&gtm=45He4cc1v865912973za200

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elastic.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 23 Dec 2024 05:31:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/985891458/ 42 B
64 B 30ms
30ms Image
image/gif 2607:f8b0:400d:c01::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/985891458/?random=1734931915742&cv=11&fst=1734930000000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v895104880z8865912973za201zb865912973&gcd=13n3n3n3n5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&hn=www.googleadservices.com&frm=0&tiba=Potential%20Evasion%20via%20Windows%20Filtering%20Platform%20%7C%20Elastic%20Security%20Solution%20%5B8.17%5D%20%7C%20Elastic&ga_uid=G-Q7TEQDPTH5.eb5625d4-f733-486a-9fed-814c7f818623&npa=0&pscdl=noapi&auid=659551645.1734931915&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=dmb_audience%3DResidential&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dd1FDgRVYUfyBHBiACeCnQ3EOZa7fLgeoDogjSgyuuuRBEFUG&random=2395563202&rmt_tld=0&ipr=y

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::63 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 23 Dec 2024 05:31:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 integrations Show response
rs.fullstory.com/rec/ 6 KB
6 KB 47ms
46ms Script
text/javascript 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/integrations?OrgId=o-1YRR3Q-na1&isInFrame=false&isNative=false
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 9da3baef7850e4f491d8ad0fcd6e5e7a0920ab1c95a10416de51fb13b8fe3ca5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 05:31:55 GMT
content-type: text/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin

GET
H3 200 latest.js Show response
edge.fullstory.com/datalayer/v4/ 43 KB
12 KB 27ms
10ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/datalayer/v4/latest.js
Requested by: Host: rs.fullstory.com
URL: https://rs.fullstory.com/rec/integrations?OrgId=o-1YRR3Q-na1&isInFrame=false&isNative=false
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b604f1e389d668b8535edb53e650780275dfa02e874ecc98c8f72c38662799f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=I4JzeA==, md5=IyBLJgiyXTxxJFl1fLhzSQ==
etag: "23204b2608b25d3c712459757cb87349"
age: 2956
x-goog-stored-content-encoding: gzip
expires: Mon, 23 Dec 2024 05:42:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 11986
date: Mon, 23 Dec 2024 04:42:40 GMT
last-modified: Thu, 26 Sep 2024 19:05:56 GMT
content-type: application/javascript
x-guploader-uploadid: AFiumC630BWDXmbl3AlyJxiohAYwx3sKabTVeICYWt6bPEpXgdDGy-Uvq1GyNNRGdP8qfPPcX9hH1ZA
cache-control: public, max-age=3600,no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727377556312475
content-length: 11986
server: UploadServer

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ Frame F5AC 287 KB
0 76ms
10ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 33043b90f8bc0d6257226403ce514e3201170d7729ed94b7e0ffb042168a3b91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.elastic.co
Referer

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: br
x-goog-hash: crc32c=Lb9z8w==, md5=/X7adg+Vx/FiHAQcO5/9cw==
etag: "fd7eda760f95c7f1621c041c3b9ffd73"
age: 606
x-goog-stored-content-encoding: br
expires: Mon, 23 Dec 2024 06:21:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 79354
date: Mon, 23 Dec 2024 05:21:49 GMT
last-modified: Wed, 18 Dec 2024 15:18:52 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AFiumC4gPiYAVXaBRBoTh_95IbLLAhq2g-Zxv4hPBtDLkBedVIbKBrSLiWtAxp-70960rq11
cache-control: public, max-age=3600,no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1734535132625862
content-length: 79354
server: UploadServer

POST
H2 204 events Show response
logx.optimizely.com/v1/ 0
74 B 33ms
31ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/18132920325.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.elastic.co/

Response headers

x-request-id: a876be95-b659-4f36-bc9e-1353fb73ed6e
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
via: 1.1 google
access-control-allow-origin: https://www.elastic.co
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 05:31:56 GMT
content-type: text/plain
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict

GET
H2 200 fp.esm.min-9b5499b3.js Show response
sdk.userledclient.io/assets/ 7 KB
3 KB 21ms
21ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.userledclient.io/assets/fp.esm.min-9b5499b3.js

Requested by

Host: sdk.userledclient.io
URL: https://sdk.userledclient.io/?appId=7f7022a8-1ebb-42d3-ae33-0cd49373b570&snippetVersion=4.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5e7d0f88202f782c64d04338174cc62ddff12443d3c71de3f48714c6aefd11f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.elastic.co
Referer: https://sdk.userledclient.io/?appId=7f7022a8-1ebb-42d3-ae33-0cd49373b570&snippetVersion=4.0.0

Response headers

strict-transport-security: max-age=63072000
cache-control: public, max-age=0, must-revalidate
content-encoding: br
x-vercel-cache: HIT
etag: W/"40113e7a59ef318c117134d326a433a9"
age: 276524
access-control-allow-origin: *
date: Mon, 23 Dec 2024 05:31:56 GMT
content-disposition: inline; filename="fp.esm.min-9b5499b3.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:02:40 GMT
x-vercel-id: iad1::lpmqw-1734931916139-4d579f11d8be

GET
H2 200 loader_v3.11.4.js Show response
identity.userled.io/web/v3/sIiAbkgrzW4YhxhEpck0/ 169 KB
61 KB 402ms
110ms Script
text/javascript 3.33.216.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.userled.io/web/v3/sIiAbkgrzW4YhxhEpck0/loader_v3.11.4.js

Requested by

Host: sdk.userledclient.io
URL: https://sdk.userledclient.io/assets/fp.esm.min-9b5499b3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.216.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a500536a719cdf47c.awsglobalaccelerator.com

Software

CloudFront /

Resource Hash

88f47e28b3138d2f4f5c097386c5e2d466bce545c869832773ccf1024a6d5ead

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

content-encoding: gzip
etag: W/"CQq5XH8NJg97ceSO8CXoBl4lHkk"
age: 528641
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: cYWdLDBmCQakNRFcsblJVNlD0bWjIGC8oD-Dj2a9DYb0n9HPIqaMsA==
date: Mon, 23 Dec 2024 05:31:56 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=3515, s-maxage=631600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P8
server: CloudFront

GET
H2 200 - Show response
identity.userled.io/L8g3/xczYkKf/ 96 B
447 B 571ms
94ms XHR
text/plain 3.33.216.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.userled.io/L8g3/xczYkKf/-?q=sIiAbkgrzW4YhxhEpck0

Requested by

Host: identity.userled.io
URL: https://identity.userled.io/web/v3/sIiAbkgrzW4YhxhEpck0/loader_v3.11.4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.216.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a500536a719cdf47c.awsglobalaccelerator.com

Software

Resource Hash

61141f6834b94057ff23ac14a85c3436dfa040c6c4a7a484236d350fd15c35d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

strict-transport-security: max-age=63072000
x-robots-tag: noindex
content-security-policy: default-src 'none'; frame-ancestors 'none'
access-control-expose-headers: Retry-After
cache-control: max-age=31536000, immutable, private
timing-allow-origin: *
referrer-policy: no-referrer
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 96
date: Mon, 23 Dec 2024 05:31:57 GMT
content-type: text/plain; charset=utf-8
x-frame-options: DENY

GET
H2

200

/
match.adsrvr.org/track/upb/ Frame EBB6
Redirect Chain

https://insight.adsrvr.org/track/up?adv=bciceyi&ref=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&upid=46vcaz5&upv=1.1.0&paa...
https://match.adsrvr.org/track/upb/?adv=bciceyi&ref=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&upid=46vcaz5&upv=1.1.0&paa...

0
0

37ms
16ms

Document
text/html

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=bciceyi&ref=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&upid=46vcaz5&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://www.elastic.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 23 Dec 2024 05:31:56 GMT
server: Kestrel
vary: Accept-Encoding

Redirect headers

content-length: 40
date: Mon, 23 Dec 2024 05:31:56 GMT
location: https://match.adsrvr.org/track/upb/?adv=bciceyi&ref=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&upid=46vcaz5&upv=1.1.0&paapi=1
server: Kestrel

GET
H2 200 favicon.ico
www.elastic.co/ 9 KB
2 KB 75ms
75ms Other
image/x-icon 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

0cb99a895bcceec7ecb212662ae4f7cf0f5f524523359a8e863932d9ee73d17a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Response headers

x-change-language: true
content-encoding: gzip
etag: "25be-AAGiIm+9qeafTyH2/IqTiJHOpik"
age: 1146381
x-content-type-options: nosniff
x-cache: HIT, MISS
date: Mon, 23 Dec 2024 05:31:56 GMT
content-type: image/x-icon
x-served-by: cache-bfi-kbfi7400100-BFI, cache-lga21921-LGA
x-cache-hits: 42, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
cache-control: public, max-age=31536000
x-dns-prefetch-control: off
euid: eb5625d4-f733-486a-9fed-814c7f818623
x-timer: S1734931917.925865,VS0,VE65
x-download-options: noopen
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 1410
x-xss-protection: 1; mode=block
server: my-server

GET
H2 200 favicon.ico
www.elastic.co/ 9 KB
0 0ms
0ms Other
image/x-icon 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

0cb99a895bcceec7ecb212662ae4f7cf0f5f524523359a8e863932d9ee73d17a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Response headers

x-change-language: true
content-encoding: gzip
etag: "25be-AAGiIm+9qeafTyH2/IqTiJHOpik"
age: 1146381
x-content-type-options: nosniff
x-cache: HIT, MISS
date: Mon, 23 Dec 2024 05:31:56 GMT
content-type: image/x-icon
x-served-by: cache-bfi-kbfi7400100-BFI, cache-lga21921-LGA
x-cache-hits: 42, 0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
cache-control: public, max-age=31536000
x-dns-prefetch-control: off
euid: eb5625d4-f733-486a-9fed-814c7f818623
x-timer: S1734931917.925865,VS0,VE65
x-download-options: noopen
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 1410
x-xss-protection: 1; mode=block
server: my-server

POST
H3 204 events Show response
logx.optimizely.com/v1/ 0
18 B 32ms
31ms XHR
text/plain 34.49.241.189
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/18132920325.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.49.241.189 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 189.241.49.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.elastic.co/

Response headers

x-request-id: 0cf3ad83-aa90-45f5-b8cc-9a5b10b2db81
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
via: 1.1 google
access-control-allow-origin: https://www.elastic.co
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 05:31:57 GMT
content-type: text/plain
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict

GET
H2 200 favicon-32x32.png
www.elastic.co/ 1 KB
2 KB 75ms
74ms Other
image/png 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elastic.co/favicon-32x32.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

my-server /

Resource Hash

d0e3b2d5f0bf63e6a572eb1ca0e71c41235155674b23b699d41396d02af1e66d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Response headers

x-change-language: true
etag: W/"50e-193ab0b5960"
age: 39447
x-content-type-options: nosniff
x-cache: HIT, MISS
date: Mon, 23 Dec 2024 05:31:57 GMT
content-type: image/png
last-modified: Mon, 09 Dec 2024 10:51:08 GMT
x-served-by: cache-bfi-krnt7300079-BFI, cache-lga21921-LGA
x-cache-hits: 43, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-security-policy: frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
cache-control: public, max-age=86400
x-dns-prefetch-control: off
euid: eb5625d4-f733-486a-9fed-814c7f818623
x-timer: S1734931917.111390,VS0,VE65
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 1294
x-xss-protection: 1; mode=block
server: my-server

POST
H2 200 / Show response
identity.userled.io/ 466 B
959 B 229ms
227ms XHR
text/plain 3.33.216.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.userled.io/?ci=js/3.11.5&q=sIiAbkgrzW4YhxhEpck0&ii=fingerprint-pro-custom-subdomain/2.0.0/procdn

Requested by

Host: identity.userled.io
URL: https://identity.userled.io/web/v3/sIiAbkgrzW4YhxhEpck0/loader_v3.11.4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.216.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a500536a719cdf47c.awsglobalaccelerator.com

Software

Resource Hash

55dcc7ce378b495ed6f602201c57f39b546d19227dce1de51f5d406f387867c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.elastic.co/

Response headers

strict-transport-security: max-age=63072000
content-security-policy: default-src 'none'; frame-ancestors 'none'
access-control-expose-headers: Retry-After
timing-allow-origin: *
access-control-allow-credentials: true
referrer-policy: no-referrer
x-content-type-options: nosniff
access-control-allow-origin: https://www.elastic.co
content-length: 466
date: Mon, 23 Dec 2024 05:31:57 GMT
content-type: text/plain
vary: Origin
x-frame-options: DENY

GET
H2 200 latency
api.userled.io/ 0
0 240ms
81ms Fetch 35.176.252.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userled.io/latency
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.252.208 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-252-208.eu-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
date: Mon, 23 Dec 2024 05:31:57 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin, Authorization, sentry-trace, baggage

GET
H2 200 latency
api.userled.io/ 0
0 81ms
81ms Fetch 35.176.252.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userled.io/latency?latency=242&orgId=7f7022a8-1ebb-42d3-ae33-0cd49373b570
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.252.208 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-252-208.eu-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

access-control-allow-methods: *
access-control-allow-origin: *
content-length: 0
date: Mon, 23 Dec 2024 05:31:57 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin, Authorization, sentry-trace, baggage

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 121ms
80ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=o-1YRR3Q-na1&UserId=5317550668984320&SessionId=1150210675302696096&PageId=3887453604628440716&Seq=1&ClientTime=1734931918541&CompiledVersion=5d25f89b4c48a072f5478dd73dab4051dc4b9787&PageStart=1734931915768&PrevBundleTime=0&LastActivity=2257&IsNewSession=true&ContentEncoding=gzip
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 8759bcb0c309800ab89734a989a6391a5f611243ae1ba2fb8101541d2b72df9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.elastic.co/

Response headers

via: 1.1 google
access-control-allow-origin: https://www.elastic.co
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
date: Mon, 23 Dec 2024 05:31:58 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H3 204 collect
analytics.google.com/g/ 0
0 25ms
25ms Fetch
text/plain 2607:f8b0:4004:c09::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-DW3V48BZ9S&gtm=45je4cc1v9123417172za200&_p=1734931914182&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=695540796.1734931915&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EAAI&sid=1734931914&sct=1&seg=0&dl=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&dt=Potential%20Evasion%20via%20Windows%20Filtering%20Platform%20%7C%20Elastic%20Security%20Solution%20%5B8.17%5D%20%7C%20Elastic&_s=2&tfd=6749
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.elastic.co/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.elastic.co
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 05:31:59 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 c3ugtv46u366.js Show response
js.driftt.com/include/1734932100000/ 222 KB
63 KB 201ms
64ms Script
application/javascript 18.160.18.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1734932100000/c3ugtv46u366.js

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.18.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-18-33.iad12.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5d1e20d15ccd8911d4c54acc452588d6715f90661239668349de8ca39b01950f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

content-encoding: gzip
x-amz-version-id: qLEwYVHb_bKjeXiGWoC2aWl6STCGt3.y
etag: W/"df7561e1d03ea8ac831808e7055af797"
access-control-allow-methods: GET, POST, OPTIONS
x-cache: RefreshHit from cloudfront
x-amz-cf-id: tKex34jg6vxlt51BDZfkAwpHNtWecQTBsDxCoUT8Vn295UKSfz0MIA==
date: Mon, 23 Dec 2024 05:32:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 25 Sep 2024 15:50:29 GMT
vary: Accept-Encoding
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
cache-control: max-age=10
x-envoy-upstream-service-time: 51
access-control-allow-credentials: true,true
via: 1.1 df2f03f1e32bc36cc15af726be2891aa.cloudfront.net (CloudFront), 1.1 4a9d2f26d7f571e9f468d5bd20d9ae18.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: IAD55-P7, IAD12-P4
server: istio-envoy
x-amz-server-side-encryption: AES256

GET
H2 200 core
rc-sc.js.driftt.com/ Frame 3FAF 0
0 111ms
41ms Document
text/html 3.167.99.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-sc.js.driftt.com/core?d=1&embedId=c3ugtv46u366&eId=c3ugtv46u366&region=US&forceShow=false&skipCampaigns=false&sessionId=bfe40019-10b3-47a8-802a-e15a2e22418c&sessionStarted=1734931920.49&campaignRefreshToken=02a64245-81e5-46e8-a1e8-2671bed34a1d&hideController=false&pageLoadStartTime=1734931913596&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1734932100000/c3ugtv46u366.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.99.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-99-57.iad55.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.elastic.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Mon, 23 Dec 2024 05:32:00 GMT
etag: W/"f11d2e0bd7bb70a3f806c86cacc7e2d0"
last-modified: Wed, 25 Sep 2024 15:49:56 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
via: 1.1 e6aeeb7570ed691a78ca7b97af923d2a.cloudfront.net (CloudFront)
x-amz-cf-id: nSLfETZrLjNnviOVG2r8gYVgqMlrQTgfg5lEwDvfFwGTBNomOoOl4A==
x-amz-cf-pop: IAD55-P7
x-amz-server-side-encryption: AES256
x-amz-version-id: Oc.snGPDdNLwJfUdklP0BB1mpKA1HMwT
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 26

GET
H2 200 chat
rc-sc.js.driftt.com/core/ Frame 0BE6 0
0 97ms
29ms Document
text/html 3.167.99.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-sc.js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1734931913596

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1734932100000/c3ugtv46u366.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.99.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-99-57.iad55.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.elastic.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Mon, 23 Dec 2024 05:32:00 GMT
etag: W/"f11d2e0bd7bb70a3f806c86cacc7e2d0"
last-modified: Wed, 25 Sep 2024 15:49:56 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
via: 1.1 e6aeeb7570ed691a78ca7b97af923d2a.cloudfront.net (CloudFront)
x-amz-cf-id: 87pvaHNRwykW2jAmfrKDjBfu83peg7SOO01Wfh9H12M5nIlNq4FE3A==
x-amz-cf-pop: IAD55-P7
x-amz-server-side-encryption: AES256
x-amz-version-id: Oc.snGPDdNLwJfUdklP0BB1mpKA1HMwT
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 23

GET
H2 200 2.0413f329.chunk.js Show response
rc-sc.js.driftt.com/conductor/assets/ 14 KB
6 KB 87ms
17ms Script
application/javascript 3.167.99.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-sc.js.driftt.com/conductor/assets/2.0413f329.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1734932100000/c3ugtv46u366.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.99.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-99-51.iad55.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d8f4de4b40535b6b569834f32ad350095a9469ef3de8056561ada64499d00eb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

content-encoding: gzip
x-amz-version-id: KbDsdniqp6PPE_DCFjkb6ZokebWqL.5D
etag: W/"e8d5e71476436ee22f7458aa90eb56e0"
age: 3926118
access-control-allow-methods: GET, POST, OPTIONS
x-cache: Hit from cloudfront
x-amz-cf-id: 4yk_JBQjHy1wayP4HrYg1Ld17AKtfI8oJQw8IjVuZMyeaPCQeTriow==
date: Thu, 07 Nov 2024 18:56:42 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 25 Sep 2024 15:50:31 GMT
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
x-envoy-upstream-service-time: 28
access-control-allow-credentials: true
via: 1.1 e6aeeb7570ed691a78ca7b97af923d2a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: IAD55-P7
server: istio-envoy
x-amz-server-side-encryption: AES256

GET /
site-concierge.driftt.com/ Frame 3C40 0
0

POST
H3 204 collect
analytics.google.com/g/ 0
0 26ms
24ms Fetch
text/plain 2607:f8b0:4004:c09::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Q7TEQDPTH5&gtm=45je4cc1v884236656z8865912973za200zb865912973&_p=1734931914182&gcs=G111&gcd=13n3n3n3n5l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=695540796.1734931915&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&uid=eb5625d4-f733-486a-9fed-814c7f818623&sid=1734931915&sct=1&seg=0&dl=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&dt=Potential%20Evasion%20via%20Windows%20Filtering%20Platform%20%7C%20Elastic%20Security%20Solution%20%5B8.17%5D%20%7C%20Elastic&_s=2&tfd=7860
Requested by: Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c09::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.elastic.co/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.elastic.co
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 05:32:00 GMT
content-type: text/plain
server: Golfe2

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 70ms
57ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=o-1YRR3Q-na1&UserId=5317550668984320&SessionId=1150210675302696096&PageId=3887453604628440716&Seq=2&ClientTime=1734931921012&CompiledVersion=5d25f89b4c48a072f5478dd73dab4051dc4b9787&PageStart=1734931915768&PrevBundleTime=1734931918612&LastActivity=4737&IsNewSession=true&ContentEncoding=gzip
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 61be29708ca88def292150de36c2f27e1fa5623ca758c0736ec7fb4e0f1ee046

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.elastic.co/

Response headers

via: 1.1 google
access-control-allow-origin: https://www.elastic.co
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
date: Mon, 23 Dec 2024 05:32:01 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

GET
H2 200 ip.json
api.company-target.com/api/v3/ 491 B
1 KB 82ms
53ms Fetch
application/json 108.138.85.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.company-target.com/api/v3/ip.json?auth=OypkowFR6hNpyUCOrEksuFsLsgWN6BE8E6QM0SH0&page=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&page_title=Potential%20Evasion%20via%20Windows%20Filtering%20Platform%20%7C%20Elastic%20Security%20Solution%20%5B8.17%5D%20%7C%20Elastic&referrer=

Requested by

Host: www.elastic.co
URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.85.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-85-68.iad12.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.elastic.co/

Response headers

access-control-max-age: 7200
access-control-expose-headers: x-amz-cf-id
content-encoding: gzip
identification-source: CENTRAL
access-control-allow-methods: GET, POST, OPTIONS
request-id: 334b9751-bc0e-4097-ab44-b1c90b80c5ac
expires: Sun, 22 Dec 2024 05:32:01 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: YkOLtT74Xpy58fYAPE8U9dwm_X2NyX0sRuF93-gnr6QloEAy-5t2hQ==
date: Mon, 23 Dec 2024 05:32:01 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
api-version: v3
access-control-allow-credentials: true
via: 1.1 f6860256b1898079de872f02c7f7a03c.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.elastic.co
x-amz-cf-pop: IAD12-P2
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: a.quora.com
URL: https://a.quora.com/qevents.js

Domain: site-concierge.driftt.com
URL: https://site-concierge.driftt.com/?embedId=c3ugtv46u366&parentPageUrl=https%3A%2F%2Fwww.elastic.co%2Fguide%2Fen%2Fsecurity%2Fcurrent%2Fpotential-evasion-via-windows-filtering-platform.html&driftEnv=prod&conductor=cohab&parentPageQueryParams=&leadId=154046d9-2633-4def-9877-2b2f2c3b60f8

Verdicts & Comments Add Verdict or Comment

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

68 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.elastic.co/	1970-01-21 11:31:31	Name: euid Value: eb5625d4-f733-486a-9fed-814c7f818623
www.elastic.co/	1970-01-21 11:31:31	Name: has_visited Value: true
.elastic.co/	1970-01-21 06:14:43	Name: optimizelyEndUserId Value: oeu1734931914051r0.9300542819734965
.elastic.co/	1970-01-21 11:31:31	Name: _ga_DW3V48BZ9S Value: GS1.1.1734931914.1.0.1734931914.60.0.0
.elastic.co/	1970-01-21 01:56:58	Name: _gid Value: GA1.2.1685083512.1734931915
.elastic.co/	1970-01-21 01:55:31	Name: _gat_gtag_UA_12395217_16 Value: 1
.elastic.co/	1970-01-21 04:05:07	Name: _gcl_au Value: 1.1.659551645.1734931915
.elastic.co/	1970-01-21 01:55:31	Name: _dc_gtm_UA-12395217-10 Value: 1
.elastic.co/	1970-01-21 04:05:07	Name: _rdt_uuid Value: 1734931915309.890ae2e5-f388-4b7b-a9ca-c7236c0120b4
.adnxs.com/	1970-01-21 04:05:07	Name: XANDR_PANID Value: jBZtZhO1KtTSG6OPZyKC4dgK23MnFfMqrty69uXfAwrQYbkO4ZGMdaLYepOOa02KAaYG1ECNZm4X5j-J1yZYYxDcj_kFtDrIRdFE43HAFlA.
.adnxs.com/	1970-01-21 11:31:31	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 04:05:07	Name: uuid2 Value: 2664955055021542301
.elastic.co/	1970-01-21 11:31:31	Name: _ga Value: GA1.1.695540796.1734931915
.doubleclick.net/	1970-01-21 11:31:31	Name: IDE Value: AHWqTUn5D5xfv-jAgJST2lxNORVco71VdtPA5Sx3AKMOiB_bcRVfaJiRp9mvNpip
.techtarget.com/	1970-01-21 01:55:33	Name: __cf_bm Value: tH9BVhQb1GGVr91Xd_9rA7JanJkB8pwZG8ABhGMIE.M-1734931915-1.0.1.1-FeoCM7ou0h8O4uPreel1zOlzpNQfX7fYsW_nl92qAM20VgEbho45yc2lp4RGel2QOyqSLvkifrgWYcRXCQcUYQ
.adnxs.com/	1970-01-21 04:05:07	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2C''v]NNi!]tbP6j2F-XstGt!@Dle$tnuJ
www.elastic.co/	1970-01-21 10:41:07	Name: __spdt Value: fd71ae8ce881487ab9efe6148c7a54a6
.company-target.com/	1970-01-21 11:31:31	Name: tuuid Value: c43009f0-ab57-4ffd-ae33-a69e8c95cd1a
.company-target.com/	1970-01-21 11:31:31	Name: tuuid_lu Value: 1734931915\|ix:0\|mctv:0\|rp:0
.rlcdn.com/	1970-01-21 10:41:07	Name: rlas3 Value: tdI8zyKSdh6/2iyaZ4VOEjOTPYNcgJ4LlDrGHYtgvqw=
.elastic.co/	1970-01-21 04:05:07	Name: _fbp Value: fb.1.1734931915610.38111252596924603
.elastic.co/	1970-01-21 11:31:31	Name: _mkto_trk Value: id:813-MAM-392&token:_mch-elastic.co-1734931915624-48081
.rlcdn.com/	1970-01-21 03:21:55	Name: pxrc Value: CMvro7sGEgUI6AcQABIGCMrdKhAA
.t.co/	1970-01-21 11:31:31	Name: muc_ads Value: d603da94-5b85-4817-9099-1c41323f65ae
.t.co/	1970-01-21 01:55:33	Name: __cf_bm Value: DwfTmC.oxkXRwfTW4_pzJd86P8Te81PkR9BpbkgLWmE-1734931915-1.0.1.1-wnDrpNJKAY1elrVFaIA_B6dORtk7qjYsE4bczy.5Zd5cn39q9A86AA0ik6Kex4zFaPrBMoycF..zsMJmqXVR5Q
.casalemedia.com/	1970-01-21 10:41:07	Name: CMID Value: Z2j1y9HM5y0AAF41A7ubzQAA
.casalemedia.com/	1970-01-21 04:05:07	Name: CMPS Value: 1354
.casalemedia.com/	1970-01-21 04:05:07	Name: CMPRO Value: 1354
.twitter.com/	1970-01-21 11:31:31	Name: guest_id_marketing Value: v1%3A173493191558692340
.twitter.com/	1970-01-21 11:31:31	Name: guest_id_ads Value: v1%3A173493191558692340
.twitter.com/	1970-01-21 11:31:31	Name: personalization_id Value: "v1_MkarlGimcXltdHLkXeJfHw=="
.twitter.com/	1970-01-21 11:31:31	Name: guest_id Value: v1%3A173493191558692340
.elastic.co/	1970-01-21 01:56:58	Name: _uetsid Value: 38f13720c0ef11efaef67bdf8736bd21
.elastic.co/	1970-01-21 11:17:07	Name: _uetvid Value: 38f13ae0c0ef11ef82bdf72e144d3c6f
.bing.com/	1970-01-21 11:17:07	Name: MUID Value: 2329D4D38B726F402D3BC18D8ADA6E9C
.bat.bing.com/	1970-01-21 02:05:36	Name: MR Value: 0
.tremorhub.com/	1970-01-21 10:41:28	Name: tvid Value: 606628d2c2bf4f9f8b7bef840c806afa
.tremorhub.com/	1970-01-21 11:31:31	Name: tv_UIDM Value: c43009f0-ab57-4ffd-ae33-a69e8c95cd1a
.linkedin.com/	1970-01-21 01:56:58	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=3158:u=1:x=1:i=1734931915:t=1735018315:v=2:sig=AQGPQuI2v5fO-X1znONIi28DYF2tUl3C"
.linkedin.com/	1970-01-21 04:05:07	Name: li_sugr Value: 0b0aae62-8478-4dc6-ac43-1eba7f125fb6
.linkedin.com/	1970-01-21 10:41:07	Name: bcookie Value: "v=2&b06a8b3b-5ad2-47ea-8e24-ee726260e953"
.elastic.co/	1970-01-21 10:41:07	Name: fs_uid Value: #o-1YRR3Q-na1#5317550668984320:1150210675302696096:::#/1766467916
.linkedin.com/	1970-01-21 02:38:43	Name: UserMatchHistory Value: AQIKVCZY1slelwAAAZPyACQhw-VHD8sJmIArGHCGxLjvB32-hxilADOZu1bItPGD6dsGor8JFYjbJg
.linkedin.com/	1970-01-21 02:38:43	Name: AnalyticsSyncHistory Value: AQJCh4axPTs1VgAAAZPyACQhS6u1AkHunbbkGj39csPAKRSMxMxpxldxna1EcVF0e23BmsflxBA0NK8OaUg8yQ
.www.linkedin.com/	1970-01-21 10:41:07	Name: bscookie Value: "v=1&202412230531559c8813d5-8b94-49a6-88ae-135e3e596737AQG5hPjZzDdmgyYSv3P_nWp1oTpvm9Vs"
.www.elastic.co/	1970-01-21 11:31:31	Name: vs_vid Value: qqx8X1OAVUJAQ
.www.elastic.co/	1969-12-31 23:59:59	Name: vs_vfs Value: 1
.www.elastic.co/	1969-12-31 23:59:59	Name: vs_sid Value: wAvpkR0BgsaE
.www.elastic.co/	1969-12-31 23:59:59	Name: vs_conv_ai Value: 5-9
.www.elastic.co/	1969-12-31 23:59:59	Name: vs_lift_ai Value: 70-74
api.userled.io/	1970-01-21 02:05:36	Name: AWSALBCORS Value: zCo8xMm9xBGyVhq2peIE7K9eE0w5ipAFaj3gC5OEiEhjaXRcbivUAqDW5i486dZeqYyIFYYA0LI1iaVy+HFeRdOLG7e3Ob3E3xb8BwCqYOVGDaa7v/sGg3GPkGCl
.elastic.co/	1970-01-21 01:55:32	Name: userled_session_id Value: a4cb954e-415b-49bc-968b-55ecce7f1f26
.rubiconproject.com/	1970-01-21 10:41:07	Name: khaos Value: M50LO216-1C-M4BG
.rubiconproject.com/	1970-01-21 10:41:07	Name: khaos_p Value: M50LO216-1C-M4BG
.rubiconproject.com/	1970-01-21 04:05:07	Name: receive-cookie-deprecation Value: 1
.elastic.co/	1969-12-31 23:59:59	Name: vs_intent Value: Low
www.elastic.co/	1969-12-31 23:59:59	Name: opt-page-count-in-current-session Value: 1
.elastic.co/	1970-01-21 06:14:43	Name: optimizelySession Value: 1734931916697
.adsrvr.org/	1970-01-21 10:41:07	Name: TDID Value: 6fc4d978-e77c-40a5-b35d-9f9b6ff65d0d
.elastic.co/	1970-01-21 11:31:31	Name: _ga_Q7TEQDPTH5 Value: GS1.1.1734931915.1.0.1734931916.59.0.0
.rubiconproject.com/	1970-01-21 10:41:07	Name: audit_p Value: 1\|J86RPzFDNyJcoaQl+vx8pAiJymzGV5taTIOYprzCvcHFwpmMCvAS5r3nk0Bd9zQt47LsvAKFBlowHTRO1/p4iJLoYn4tEwhGz1dKcvjcspamgouJT9uoOw7gDww+wvY8v3cpt4J2L0/43XdfpQbr6OrpbpkalysXVFGxpdJGiDeWvEnWSmTsitzpQ7vzkXQ/
.rubiconproject.com/	1970-01-21 10:41:07	Name: audit Value: 1\|J86RPzFDNyJcoaQl+vx8pAiJymzGV5taTIOYprzCvcHFwpmMCvAS5r3nk0Bd9zQt47LsvAKFBlowHTRO1/p4iJLoYn4tEwhGz1dKcvjcspamgouJT9uoOw7gDww+wvY8v3cpt4J2L0/43XdfpQbr6OrpbpkalysXVFGxpdJGiDeWvEnWSmTsitzpQ7vzkXQ/
.adsrvr.org/	1970-01-21 10:41:07	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCOLY5-Gkx9E9EAUSFQoGZ29vZ2xlEgsIorq-46TH0T0QBRIXCghhcHBuZXh1cxILCJKm6OGkx9E9EAUYBSACKAMyCwigtOqOu8fRPRAFQg8iDQgBEgkKBXRpZXIzEAFaB2JjaWNleWlgAQ..
.userled.io/	1970-01-21 10:41:07	Name: _iidt Value: omI/HJ81GBVQgMAK3/h84Y99dUYSWnStFVUihr/kjWRmS2rFSF5mVRs9P10x7Aq+giAas1kOsKyZnQ==
.elastic.co/	1970-01-21 10:41:07	Name: _vid_t Value: JPaEu7RZKCnVI9w0bT/P9WVv4yIKDUaNxzw4v8TPUQuifuxNi3iVNDhKDXiMuC84tT//oP2NKOrI0Q==
www.elastic.co/	1970-01-21 01:55:33	Name: drift_campaign_refresh Value: 02a64245-81e5-46e8-a1e8-2671bed34a1d
www.elastic.co/	1970-01-21 11:31:31	Name: driftt_aid Value: 154046d9-2633-4def-9877-2b2f2c3b60f8
www.elastic.co/	1969-12-31 23:59:59	Name: opt-time-spent-in-current-session Value: 4

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://a.quora.com/qevents.js Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
rendering	warning	URL: https://www.elastic.co/guide/en/security/current/potential-evasion-via-windows-filtering-platform.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0606501AC280000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://*.elastic.co https://elasticsandbox.docebosaas.com https://elastic.docebosaas.com https://www.gather.town;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

813-mam-392.mktoresp.com
a.quora.com
a18132920325.cdn.optimizely.com
alb.reddit.com
analytics.google.com
analytics.twitter.com
api.company-target.com
api.demandbase.com
api.userled.io
bat.bing.com
cdn.iubenda.com
cdn.optimizely.com
cdn3.optimizely.com
connect.facebook.net
cs.iubenda.com
edge.fullstory.com
googleads.g.doubleclick.net
ibc-flow.techtarget.com
id.rlcdn.com
idb.iubenda.com
identity.userled.io
images.contentstack.io
insight.adsrvr.org
js.adsrvr.org
js.driftt.com
lift-ai-js.marketlinc.com
logx.optimizely.com
match.adsrvr.org
munchkin.marketo.net
pixel-config.reddit.com
pixel.byspotify.com
pixels.spotify.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
rc-sc.js.driftt.com
rs.fullstory.com
s.company-target.com
script.crazyegg.com
sdk.userledclient.io
secure.adnxs.com
segments.company-target.com
site-concierge.driftt.com
sjrtp2-cdn.marketo.com
snap.licdn.com
static-www.elastic.co
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tag-logger.demandbase.com
tag.demandbase.com
tapi.optimizely.com
td.doubleclick.net
trk.techtarget.com
visitor-scoring-new.marketlinc.com
www.elastic.co
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
a.quora.com
site-concierge.driftt.com
104.244.42.131
108.138.85.68
13.107.42.14
134.213.193.62
151.101.129.140
151.101.130.137
151.101.193.140
151.101.44.157
162.159.152.17
172.64.152.14
172.66.0.227
18.160.10.76
18.160.10.85
18.160.18.33
23.13.165.166
23.13.172.203
2400:52e0:1a00::1206:2
2400:52e0:1a00::1207:2
2600:1408:c400:5::17c7:3716
2600:1901:1:7c5::
2600:9000:2009:b400:1d:8d6d:3b40:93a1
2606:4700:4400::6812:27b8
2606:4700::6812:1247
2606:4700::6812:4139
2606:4700::6812:4239
2606:4700::6813:9308
2607:f8b0:4004:c09::71
2607:f8b0:4004:c19::9b
2607:f8b0:400d:c00::9c
2607:f8b0:400d:c01::63
2607:f8b0:400d:c01::66
2607:f8b0:400d:c09::61
2607:f8b0:400d:c09::9b
2620:1ec:21::14
2620:1ec:33::10
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
2a04:4e42:600::396
2a04:4e42:600::729
2a04:4e42::729
3.167.72.96
3.167.99.51
3.167.99.57
3.234.118.14
3.33.216.52
34.111.208.231
34.117.162.98
34.49.241.189
34.96.71.22
35.176.252.208
35.186.194.58
35.201.112.186
35.244.154.8
35.71.131.137
52.85.132.99
68.67.179.164
76.76.21.93
99.84.188.59
0470791f15efd2987bdb50b24027c3f584a2cf9b7b63fbf86012c5f2e9abcc05
08900bcd062958031e232098df8b51868466e9f2196fb1ce48425e3d88b79f8f
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0c48e80aa2113e394c763b318acd8eb0657750aea7560b48f680f7103295e96c
0cb99a895bcceec7ecb212662ae4f7cf0f5f524523359a8e863932d9ee73d17a
0d2c4301cb4b042fe36308cfe9a7313be119fb68e60b0fc011e1a9624bd4ffd9
10429db431cbd2fc042c7397c8f1e62996d636ddeef2702c912d9fb7fc650c35
128de7d0d5b2541873587ab687c13251b9a8a8919bf03036fb2ad4df3ed9fa1a
130cc310c3284fad385e117c1667e2a5b904457856457ab8cb716bcb087217d1
1cc0ed96e096fc4274fe3284fb20621e01c9192640212f4f207b0127a651fab5
1cd1971677bc6b453950877ad6caf5aed64c80b8687ee588986ac7f5629c1004
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2365eb8fb2b07c00216a641efcd4177720838e57d8bd97be638f684f2c9f1596
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
25c51064b3e1adb2f09c485b0abf29198750e3ecca749cf13864896a1991acb5
27b0b70722f00843062f450be0dbe797a3dea123fb8427b190ea75c97cd2d1e2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30827b15c369c38b972105fb55c83ec0e72ebc11071f35ffeefd3fd7eaa2a54b
33043b90f8bc0d6257226403ce514e3201170d7729ed94b7e0ffb042168a3b91
3b604f1e389d668b8535edb53e650780275dfa02e874ecc98c8f72c38662799f
3b625f089e8ba68e7f1236db9a7e7016523da105df34f32e38e48e523eaae521
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d27753b73f59e293a8a78f7ad3cc9c4fcd38f4cbd15bb03bc9871e41c4dac6d
401b28c618e9ba1d2ea1fbed8fe4249d3edd193fd747f7e2ce01bc5ccd2780bb
40a116c2adb92f795d5f1d0ed1020cbc9bdf304a672124295b637e1dcaed3862
410e2467e40d82041d4d061ecee6e853250746292ed79aecc066234921b854f6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4922a8859b315c354c23ad278e35483c6cf29aebf1c509c2c928c1f41634fe43
4ca87b176413c04d0ec8b4e83b7d0990bf1f2485443c88737f5e496326ecf62b
4d9cffcc2365a3bd401c73a2d2e5f769c1730cdeb289dab56fe185ecd6279ec3
530cac6c10c3d23af5d4a730320f81d2afdd5b0632165cb3c122db6988d7926c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55dcc7ce378b495ed6f602201c57f39b546d19227dce1de51f5d406f387867c0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5ac712fe492d93f3dd48b77163ce308f466c94b2faeb62ff640fc3c437c62d30
5c18ed74d8965918c1e74e0ee16402b0e83f75de89d69ce4fb80068d7e1f66ab
5d1e20d15ccd8911d4c54acc452588d6715f90661239668349de8ca39b01950f
5e7d0f88202f782c64d04338174cc62ddff12443d3c71de3f48714c6aefd11f3
5e9acc481de30bdc37bcc2320e61ac55dda512c5a8f23bb9a8f321eb7f52b3bb
60f9a74ca55a90a2ffa552e341398a8cc069918ce87a1c16af8fdcca5cef4ae9
61141f6834b94057ff23ac14a85c3436dfa040c6c4a7a484236d350fd15c35d9
61be29708ca88def292150de36c2f27e1fa5623ca758c0736ec7fb4e0f1ee046
64fd3f7c1f3f05093090f950a257c22e2bcb2edcb9d34e8eda156269acfc0196
656314531641ff9e638bff81e8e634099591e409f502c9bfa16f6d2109920854
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0d4e3bd890a4bf01c9a301d3e3ff127af22636c4f94250cc230815eb701593
6e8d47fed7e719c4409a31be2bf0e4acbdd21d5b863b77181be4029b399a139a
75fb488f98ae1594689962f9479fad74b3373d31ab79e3edd522508ad68b9fa6
7811044be23fe604cb7d96169f28e0a98249d2d20aaa91ff124b4f94fcc84089
7ca480b9b77f0deec726cf870d050b83a624217f099a39db027f66b605376112
7d963a27fe8ca608f9b1d807dc9ae10b4dabdb925d32823dd4f35c9e9e9eea6f
8048762505c25e79f086ca4784644354a6d6405f6b217dd0da06a0b1ee12ab77
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86c5acf26157322c076413f750b91d730a809a12e20b11fef22fbac8594dd96c
8759bcb0c309800ab89734a989a6391a5f611243ae1ba2fb8101541d2b72df9b
88f47e28b3138d2f4f5c097386c5e2d466bce545c869832773ccf1024a6d5ead
8af7bd5b545567adffb3dfceb5bedb353a522d7bf1b3a2b8af7b6064156babc0
8d8e20a45eba8dceb4a6be0af8675c8d1cea9bcec29b8337133a410d307cb74a
9607942e266bb8193783f8bea0310a334d05c2161520a8ca23816e5956df8a1b
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801
9915390951dec3c5bea7cce83c477c25eff29a999ac1647411ead97eb36371fe
9da3baef7850e4f491d8ad0fcd6e5e7a0920ab1c95a10416de51fb13b8fe3ca5
9e3afa54d7d6de30f15cd7b526a880615a45d5e2c3a7d9ee0506540dd9c8d41d
a2091f1ff92cc073e178dca31707853e0cc6cd913a5344a8978f040fa373efa6
a673e2cdc5bd55d86ad373fd3b87892b3f0eb6a9b999d00999f5bfd33bd30b66
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ab971e7b71065102f42fe834d2ddc887afe18b6485e03c73149c6628263317a7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b2fcad0da1fac1591660d7fd76e835502e448336c3629498b769f86248950041
b30772367b2f48b92b53a9518ca522f78b5aad66069413084cfa06424b68d85a
b5ba1c490f21a75341ba57f563d231ff7b466222da8ba7364c5ebe5705c7b4b8
b6ed42ca1b84ceed338f85ea04e9096b9aa362acd9132cfa73bf0c426468e3be
b8291ac2cef05851c83bd2aa96f90317064e6559d0ffa372a0932175ee9897d5
bb19cc9bb9e4e0f0237ee1f0c213487452c77e6f9fa6fa9edcb87f4de9f0c21a
bb657d41beed373e37cbc0f719bd28fb44c2028e12eac21e7e285c40a7a602d4
be8c45598c314d84a7d25f73fbb801c1e7e5eba32b047ee68543f033c912bdaa
c4e3e359a856ad0a1976b66c934301135a3e85ccf8f0353da823f385bc4d23b9
c659bd87a3cab75cb928add846f7485357617d8a47082e0d5168e44593fe9888
c667ab2f123ed450a52309995bfe1a4dcd6c62dc63fad468db86f621b6afd68c
c68a273bf2b08c99c46ac43d1059b8067818b3b889fa890b068d942a957a000c
c8b428cc3366b0b2cf2d6b7e5fd1be1416fe411777526095dfae2c0a5d9967f6
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d0e3b2d5f0bf63e6a572eb1ca0e71c41235155674b23b699d41396d02af1e66d
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
d6ae29ab0157f0a372b1fecc239fb07d26e3a41084ee3233fb352bd1a8a9957d
d8f4de4b40535b6b569834f32ad350095a9469ef3de8056561ada64499d00eb8
d922e03a751c168900262b518d05d3f29d2931453c03eec8a00662a2aedbca5d
db76291a3a5ecdfecef360ea07a2f2b2912c77b92b964d1d2c6f7a3ddedb3ccb
ddc70a71cdf7d62ea220d3f609507e9aebb213100c79f6a0f60277dff07dd2f9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df4bc968515a2d2e12f42248a74536e1eef5beea7bf3b8b511e62296989040fd
e033e85d73341ad1aa961831ba67f717d1c9e390c2a84b5f277408d147639f72
e15377387c329960f9746b4232e4c0f49083c411ac5ba9d51ac3cb45f0648f36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b3b23e46ab9f1f5f6364a633ef64e37b01bf833cd0beb2033de3700e5c5c89
e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c
ed349f0e7de6b750d7f8e3819efa1df54980ea5bbebbda13dbf939b1b79ef31b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5196cdc9471293f1d6d3ceb2c6f2710f91dee9625f4f9e0c6b7a4d58b76bf7f
f5f8f019ca0c97772bb8ffc2a310e0697f9525613e48b0f951fa3ec57bc55086
f79982f09db7b58d3da73047b535f2b13ec64294e3339442aca9833b08e82901
f8060f1f05117d8899e80a8a13edc531baac8fdb59d7d1a77706645a080aae2d
fca1626077b04ab65671a684d15bb46f2b52276deaa0508379ce798f715df415

www.elastic.co Open in urlscan Pro 2a04:4e42::729 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

148 Requests

95 %HTTPS

41 %IPv6

36 Domains

62 Subdomains

58 IPs

3 Countries

3610 kBTransfer

9379 kBSize

68 Cookies

28 Outgoing links

Redirected requests

148 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.elastic.co Open in urlscan Pro
2a04:4e42::729 Public Scan

Screenshot
Live screenshot

Full Image

148
Requests

95 %
HTTPS

41 %
IPv6

36
Domains

62
Subdomains

58
IPs

3
Countries

3610 kB
Transfer

9379 kB
Size

68
Cookies

148 HTTP transactions
4 data transactions