Submitted URL: https://digital-forensics.sans.org/media/poster_2014_find_evil.pdf
Effective URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Submission: On October 07 via api from US — Scanned from US

Summary

This website contacted 25 IPs in 1 country across 17 domains to perform 74 HTTP transactions. The main IP is 45.60.31.34, located in United States and belongs to INCAPSULA, US. The main domain is www.sans.org. The Cisco Umbrella rank of the primary domain is 175466.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q3 on September 27th 2024. Valid for: 6 months.
This is the only time www.sans.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35 45.60.31.34 19551 (INCAPSULA)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.192.114 54113 (FASTLY)
7 151.101.2.137 54113 (FASTLY)
2 54.174.193.21 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
2 142.251.174.94 15169 (GOOGLE)
1 173.194.205.105 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 209.85.144.94 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 173.194.205.147 15169 (GOOGLE)
1 18.160.41.49 16509 (AMAZON-02)
1 2600:1408:c40... 20940 (AKAMAI-ASN1)
1 2600:9000:251... 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 54.146.11.170 14618 (AMAZON-AES)
4 6 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 3.167.56.26 16509 (AMAZON-02)
1 3.168.102.69 16509 (AMAZON-02)
74 25
Apex Domain
Subdomains
Transfer
35 sans.org
digital-forensics.sans.org
www.sans.org — Cisco Umbrella Rank: 175466
api.sans.org — Cisco Umbrella Rank: 374878
541 KB
7 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 321
www.linkedin.com — Cisco Umbrella Rank: 646
px4.ads.linkedin.com — Cisco Umbrella Rank: 6828
4 KB
7 contentstack.io
images.contentstack.io — Cisco Umbrella Rank: 12322
173 KB
6 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 326
139 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 147
971 B
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 877
script.hotjar.com — Cisco Umbrella Rank: 1177
132 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
303 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
td.doubleclick.net — Cisco Umbrella Rank: 192
543 B
2 vibe.co
s.vibe.co — Cisco Umbrella Rank: 56741
t.vibe.co — Cisco Umbrella Rank: 50722
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
206 KB
2 addsearch.com
addsearch.com — Cisco Umbrella Rank: 48904
15 KB
1 hotjar.io
surveystats.hotjar.io — Cisco Umbrella Rank: 16668
484 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 784
14 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 498
318 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
24 KB
1 evgnet.com
cdn.evgnet.com — Cisco Umbrella Rank: 3686
48 KB
1 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 971
94 KB
74 17
Domain Requested by
32 www.sans.org www.sans.org
7 images.contentstack.io www.sans.org
6 cdn.cookielaw.org www.googletagmanager.com
cdn.cookielaw.org
5 px.ads.linkedin.com 3 redirects snap.licdn.com
2 script.hotjar.com static.hotjar.com
script.hotjar.com
2 analytics.google.com www.googletagmanager.com
2 api.sans.org cdn.jsdelivr.net
2 www.google.com www.sans.org
www.gstatic.com
2 fonts.gstatic.com www.sans.org
2 www.googletagmanager.com www.sans.org
www.googletagmanager.com
2 addsearch.com www.sans.org
addsearch.com
1 surveystats.hotjar.io script.hotjar.com
1 px4.ads.linkedin.com www.sans.org
1 www.linkedin.com 1 redirects
1 t.vibe.co s.vibe.co
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 s.vibe.co www.sans.org
1 snap.licdn.com www.sans.org
1 static.hotjar.com www.sans.org
1 geolocation.onetrust.com cdn.cookielaw.org
1 www.gstatic.com www.google.com
1 cdn.jsdelivr.net www.googletagmanager.com
1 cdn.evgnet.com www.sans.org
1 cdn.optimizely.com www.sans.org
1 digital-forensics.sans.org 1 redirects
74 26
Subject | Issuer | Validity | Valid
imperva.com | GlobalSign Atlas R3 DV TLS CA 2024 Q3 | 2024-09-27 - 2025-03-26 | 6 months
cdn.optimizely.com | WE1 | 2024-08-23 - 2024-11-21 | 3 months
cdn.evergage.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-02-14 - 2025-02-12 | a year
*.contentstack.io | Gandi RSA Domain Validation Secure Server CA 3 | 2024-04-10 - 2025-05-04 | a year
*.addsearch.com | E5 | 2024-09-05 - 2024-12-04 | 3 months
*.google-analytics.com | WR2 | 2024-09-16 - 2024-12-09 | 3 months
*.gstatic.com | WR2 | 2024-09-16 - 2024-12-09 | 3 months
*.google.com | WR2 | 2024-09-16 - 2024-12-09 | 3 months
*.jsdelivr.net | Sectigo RSA Domain Validation Secure Server CA | 2024-05-04 - 2025-05-04 | a year
cookielaw.org | WE1 | 2024-08-13 - 2024-11-11 | 3 months
geolocation.onetrust.com | WE1 | 2024-08-13 - 2024-11-11 | 3 months
*.hotjar.com | Amazon RSA 2048 M03 | 2024-05-22 - 2025-06-20 | a year
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-12-13 - 2024-12-12 | a year
vibe.co | Amazon RSA 2048 M03 | 2024-04-02 - 2025-05-01 | a year
*.g.doubleclick.net | WR2 | 2024-09-16 - 2024-12-09 | 3 months
*.doubleclick.net | WR2 | 2024-09-16 - 2024-12-09 | 3 months
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2024-09-11 - 2025-03-11 | 6 months
*.hotjar.io | Amazon ECDSA 256 M02 | 2024-05-30 - 2025-06-29 | a year

This page contains 3 frames:

Primary Page: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Frame ID: A651E123AE152D1B330842EC6EA4DBC9
Requests: 75 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRaE8aAAAAAOB9CLy-hHWeafmpvmYkeMpCXrWO&co=aHR0cHM6Ly93d3cuc2Fucy5vcmc6NDQz&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=5r1vvvgscxv5
Frame ID: 3CB4ED62A18E852D21A2B9CADC2DAA10
Requests: 1 HTTP request in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-18EC69JQ0P&gacid=2041574246.1728309193&gtm=45je4a20v897849904z8813203220za200zb813203220&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101529665~101671035~101747727&z=1342106602
Frame ID: 1F1F79EAD14EBF3E2C5EB0B53A1F5DED
Requests: 1 HTTP request in this frame

Page Title

404 - Page Not Found

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 74
HTTPS: 99 %
IPv6: 46 %
Domains: 17
Subdomains: 26
IPs: 25
Countries: 1
Transfer: 1696 kB
Size: 5692 kB
Cookies: 26

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://digital-forensics.sans.org/media/poster_2014_find_evil.pdf HTTP 301
    https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=118983&time=1728309193628&url=https%3A%2F%2Fwww.sans.org%2Fdigital-forensics-incident-response%2Fmedia%2Fposter_2014_find_evil.pdf HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=118983&time=1728309193628&url=https%3A%2F%2Fwww.sans.org%2Fdigital-forensics-incident-response%2Fmedia%2Fposter_2014_find_evil.pdf&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D118983%26time%3D1728309193628%26url%3Dhttps%253A%252F%252Fwww.sans.org%252Fdigital-forensics-incident-response%252Fmedia%252Fposter_2014_find_evil.pdf%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=118983&time=1728309193628&url=https%3A%2F%2Fwww.sans.org%2Fdigital-forensics-incident-response%2Fmedia%2Fposter_2014_find_evil.pdf&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=118983&time=1728309193628&url=https%3A%2F%2Fwww.sans.org%2Fdigital-forensics-incident-response%2Fmedia%2Fposter_2014_find_evil.pdf&cookiesTest=true&liSync=true&e_ipv6=AQI_xeYi1IpDKwAAAZJnQW3FGoFUStoA2DUk1ddiljdKIYgEJ9T8tla-xFTZ9EiDMedyyQ

74 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request poster_2014_find_evil.pdf
www.sans.org/digital-forensics-incident-response/media/
Redirect Chain
  • https://digital-forensics.sans.org/media/poster_2014_find_evil.pdf
  • https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
215 KB
27 KB
Document
General
Full URL
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a628f321e1bd6566cc7064037832cabbcc3a58455e0b95a4518cef486dd95926
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
17
cache-control
max-age=30
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
content-type
text/html
date
Mon, 07 Oct 2024 13:52:55 GMT
etag
W/"fb55d9c3a76602705ae8f5e0df6b5339"
expect-ct
max-age=86400, enforce
last-modified
Mon, 07 Oct 2024 13:51:50 GMT
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 5deffd3025190ff558739d37ae5c95f0.cloudfront.net (CloudFront)
x-amz-cf-id
ikH3AYM6ic2ZQz4TBAYRXr_XVsKygyM_rGaqkptp1tx4BLyYsuKZ1A==
x-amz-cf-pop
LAX53-P1
x-cache
Error from cloudfront
x-cdn
Imperva
x-content-type-options
nosniff
x-frame-options
Security Headers PathFactory set XFRAMEOPTS
x-iinfo
7-68123281-68123322 NNNN CT(1 4 0) RT(1728309189603 480) q(0 0 0 1) r(0 2) U11
x-xss-protection
1; mode=block

Redirect headers

content-length
296
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=iso-8859-1
date
Mon, 07 Oct 2024 13:53:10 GMT
expect-ct
max-age=84600; enforce
location
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31556926; includeSubdomains
x-cdn
Imperva
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-iinfo
7-68123281-68123289 NNNN CT(62 178 0) RT(1728309189603 64) q(0 0 3 2) r(3 3) U11
x-xss-protection
1; mode=block
28081820005.js
cdn.optimizely.com/js/
315 KB
94 KB
Script
General
Full URL
https://cdn.optimizely.com/js/28081820005.js
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cbb7b555b01f5c866d63febd6c47f1c1004c01c7c64bcdab7eb5f753072daa4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

access-control-max-age
86400
access-control-expose-headers
x-amz-meta-revision
content-encoding
gzip
cf-cache-status
HIT
etag
"76f4279dfb4d499dbe2118df082d9463"
x-amz-version-id
EQFCUs_PXCZBlWW_Oy6zRbWy7aBRFuds
age
207
access-control-allow-methods
GET, HEAD
date
Mon, 07 Oct 2024 13:53:11 GMT
x-amz-meta-revision
508
content-type
text/javascript; charset=utf-8
last-modified
Thu, 26 Sep 2024 16:47:15 GMT
vary
Accept-Encoding
x-amz-id-2
3P5heXZeYLFlZo9ZxYtVqM83Om+spSTq8XjgqSMTB/hp9W+nJwgdmO7xptT/uML6puZeTz/88ZAO8MOnhmu+sm1M9DlrTLGRwMPJJCDZhKs=
access-control-allow-headers
*
x-amz-replication-status
PENDING
cache-control
max-age=120
timing-allow-origin
*
x-amz-meta-pci_enabled
False
access-control-allow-credentials
false
x-amz-request-id
RP53YJSCGB0EE8SG
cf-ray
8cee603dcde87c97-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
95994
server
cloudflare
x-amz-server-side-encryption
AES256
evergage.min.js
cdn.evgnet.com/beacon/sansccybersecurity/sans_prod/scripts/
194 KB
48 KB
Script
General
Full URL
https://cdn.evgnet.com/beacon/sansccybersecurity/sans_prod/scripts/evergage.min.js
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.114 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
99755c96c0916d2ddb174b63841608ab51faf2830a6d7f2b5d76580bf1c2d17c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

content-encoding
gzip
etag
"183dc18d36f00e07dc67a2aef5fbd9a7"
x-amz-version-id
UroQAWtWAtwKZLwLKEAiqQHftH309l8d
age
51
x-cache
HIT, HIT
date
Mon, 07 Oct 2024 13:53:11 GMT
last-modified
Mon, 09 Sep 2024 14:47:33 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kjyo7100035-IAD, cache-lax-kwhp1940122-LAX
x-cache-hits
801573, 0
x-amz-id-2
oGewZAtTzOcZWzgQWMKIO6hSlaOeeTaQVjlhf+6kNfZpzHQZEo1YcHa5rPQCawarUAzl8tDryGM=
x-amz-meta-evergage-beacon-ver
16
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
cache-control
max-age=120
timing-allow-origin
*
x-amz-meta-evergage-sum
e73e71f18d926795ab117e4d7637c4755089aed2
x-timer
S1728309191.311647,VS0,VE60
via
1.1 varnish, 1.1 varnish
x-amz-request-id
YEEA9Q3W34RH6RAE
accept-ranges
bytes
content-length
48755
server
AmazonS3
x-amz-server-side-encryption
AES256
5a065f4.js
www.sans.org/_nuxt/
5 KB
2 KB
Script
General
Full URL
https://www.sans.org/_nuxt/5a065f4.js
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
fbe6192fb8fcc0bf4850a915662b12da06aa607c7bf444226df3ee8ae162b35b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf

Response headers

content-encoding
gzip
etag
W/"793f0791318537059a0bb4bd37d78f82"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:40 GMT
date
Mon, 07 Oct 2024 13:53:10 GMT
last-modified
Thu, 03 Oct 2024 23:51:05 GMT
content-type
text/javascript
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68106351 2VNN RT(1728309189603 714) q(0 1 1 -1) r(4 4)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
2309
x-xss-protection
1; mode=block
93886ad.js
www.sans.org/_nuxt/
201 KB
68 KB
Script
General
Full URL
https://www.sans.org/_nuxt/93886ad.js
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ba02d5bd6b9fb4d0444627ac4571d82445dacd518a7e73d50a0a65fd6c24d4d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf

Response headers

content-encoding
gzip
etag
W/"870eb54616733755d1033c94293d0a25"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:40 GMT
date
Mon, 07 Oct 2024 13:53:10 GMT
last-modified
Thu, 25 Jul 2024 17:18:14 GMT
content-type
text/javascript
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68120944 2VNN RT(1728309189603 715) q(0 1 1 -1) r(4 4)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
69939
x-xss-protection
1; mode=block
13805fc.css
www.sans.org/_nuxt/css/
229 KB
19 KB
Stylesheet
General
Full URL
https://www.sans.org/_nuxt/css/13805fc.css
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1f4e6bbe317244c09dee39aad1db644c1b4bfd29bb238e7abc0b30c81f098e5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf

Response headers

content-encoding
gzip
etag
W/"9d1521d4bec68b260a10c8edbb4d6253"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:40 GMT
date
Mon, 07 Oct 2024 13:53:10 GMT
last-modified
Wed, 21 Aug 2024 16:51:50 GMT
content-type
text/css
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68083112 2VNN RT(1728309189603 702) q(0 0 0 -1) r(2 2)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
19525
x-xss-protection
1; mode=block
5150ca9.js
www.sans.org/_nuxt/
229 KB
64 KB
Script
General
Full URL
https://www.sans.org/_nuxt/5150ca9.js
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
24324a9bd320baa88183615ec6457d55ec84017254c3a08859d5a1ce0bbc78e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf

Response headers

content-encoding
gzip
etag
W/"d8fe14e66dd60907fcb2e2a674b2208d"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:40 GMT
date
Mon, 07 Oct 2024 13:53:10 GMT
last-modified
Wed, 21 Aug 2024 16:51:49 GMT
content-type
text/javascript
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68101374 2VNN RT(1728309189603 716) q(0 1 1 -1) r(4 4)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
65498
x-xss-protection
1; mode=block
fd21fb5.css
www.sans.org/_nuxt/css/
971 B
570 B
Stylesheet
General
Full URL
https://www.sans.org/_nuxt/css/fd21fb5.css
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
3faf06748feaa1c7bc8d9d84d262d209c9c47005cbc5be246743b32e2490d7f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf

Response headers

content-encoding
gzip
etag
"e48a670e857e41e71c49c8f4794970b3"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:40 GMT
date
Mon, 07 Oct 2024 13:53:10 GMT
last-modified
Wed, 10 Jul 2024 08:50:43 GMT
content-type
text/css
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68122177 2VNN RT(1728309189603 704) q(0 0 0 -1) r(2 2)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
451
x-xss-protection
1; mode=block
be05dd5.js
www.sans.org/_nuxt/
519 KB
107 KB
Script
General
Full URL
https://www.sans.org/_nuxt/be05dd5.js
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
cc485f9a63ffabfb8d7f4c9b8e8d474001d25099962cd0c75147e5c6c325b022
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf

Response headers

content-encoding
gzip
etag
W/"1bfc8b33172fdb713ef1eecefd84e909"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
3CW4lw-sXIiy5pmFiaF2x-BshqId4r6Zvkn7jf84rgRbfKNuA6EszA==
date
Mon, 07 Oct 2024 13:53:12 GMT
content-type
text/javascript
last-modified
Mon, 07 Oct 2024 13:51:50 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68122211 2NNN RT(1728309189603 717) q(0 2 2 -1) r(4 4) U18
cache-control
max-age=30
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
via
1.1 8c0cf74a8ac4637a28b8ef40ac35c710.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
LAX53-P1
0b9976d.css
www.sans.org/_nuxt/css/
240 KB
34 KB
Stylesheet
General
Full URL
https://www.sans.org/_nuxt/css/0b9976d.css
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5ac64c4b40ed29ce00988c16984e36c659256fa1f364af9d13c499bbd832450d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf

Response headers

content-encoding
gzip
etag
W/"ea6374cf26f92b913ac22027242d3d35"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:40 GMT
date
Mon, 07 Oct 2024 13:53:10 GMT
last-modified
Wed, 21 Aug 2024 16:51:50 GMT
content-type
text/css
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68122168 2VNN RT(1728309189603 706) q(0 0 0 -1) r(1 1)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
34358
x-xss-protection
1; mode=block
8575e6d.js
www.sans.org/_nuxt/
82 KB
13 KB
Script
General
Full URL
https://www.sans.org/_nuxt/8575e6d.js
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a29fa7fda8f630e6f97901fe8d51d9419f649200b3ea4dfe57ccf55b2362fee0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf

Response headers

content-encoding
gzip
etag
W/"9128442e079cbc0bc1f1059a6bd8a644"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:40 GMT
date
Mon, 07 Oct 2024 13:53:10 GMT
last-modified
Wed, 21 Aug 2024 16:51:49 GMT
content-type
text/javascript
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68123373 2VNN RT(1728309189603 764) q(0 2 2 -1) r(2 4)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
13515
x-xss-protection
1; mode=block
6a1af70.js
www.sans.org/_nuxt/
594 B
516 B
Script
General
Full URL
https://www.sans.org/_nuxt/6a1af70.js
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
bbb6b62445763c998d79d735810f828a19922da763c41c5895b486ad0f3e8124
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf

Response headers

content-encoding
gzip
etag
"f63f2c491d1167ae9e63a33016d9a5c4"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:40 GMT
date
Mon, 07 Oct 2024 13:53:10 GMT
last-modified
Tue, 30 Jul 2024 17:37:38 GMT
content-type
text/javascript
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68115511 2VNN RT(1728309189603 767) q(0 2 2 -1) r(4 4)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
397
x-xss-protection
1; mode=block
d16ca0b.css
www.sans.org/_nuxt/css/
89 KB
8 KB
Stylesheet
General
Full URL
https://www.sans.org/_nuxt/css/d16ca0b.css
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
64a8b107e8066512938fc0a610a06d06950f198cde03dc025a5781623dd688f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf

Response headers

content-encoding
gzip
etag
W/"dc5984c15603600c8b8eaa72296431f1"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:40 GMT
date
Mon, 07 Oct 2024 13:53:10 GMT
last-modified
Wed, 21 Aug 2024 16:51:50 GMT
content-type
text/css
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68106351 2VNN RT(1728309189603 707) q(0 0 0 -1) r(1 1)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
7989
x-xss-protection
1; mode=block
6c73339.js
www.sans.org/_nuxt/
48 KB
13 KB
Script
General
Full URL
https://www.sans.org/_nuxt/6c73339.js
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a1f43c0391f3915579539826042bf119668280ba4a0b70a688681cc4cb286639
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf

Response headers

content-encoding
gzip
etag
W/"97d3d0907f6907c73f82fa5daf66e682"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:40 GMT
date
Mon, 07 Oct 2024 13:53:10 GMT
last-modified
Wed, 21 Aug 2024 16:51:49 GMT
content-type
text/javascript
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68122177 2VNN RT(1728309189603 769) q(0 4 4 -1) r(5 5)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
13127
x-xss-protection
1; mode=block
8b5de72.css
www.sans.org/_nuxt/css/
115 KB
11 KB
Stylesheet
General
Full URL
https://www.sans.org/_nuxt/css/8b5de72.css
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8a6646b095c7d076542a68f694aad3bd445337cf0a499a388cf107a111189a8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf

Response headers

content-encoding
gzip
etag
W/"6aceb4f9ae299025aa2159073ec84275"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:40 GMT
date
Mon, 07 Oct 2024 13:53:10 GMT
last-modified
Tue, 30 Jul 2024 17:37:38 GMT
content-type
text/css
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68101374 2VNN RT(1728309189603 708) q(0 0 0 -1) r(1 1)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
10784
x-xss-protection
1; mode=block
265abf2.js
www.sans.org/_nuxt/
125 KB
37 KB
Script
General
Full URL
https://www.sans.org/_nuxt/265abf2.js
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
899cc267d0d10536bbc12bf509ecfb65c7d3d28d781291bd7ecc8e2be9299020
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf

Response headers

content-encoding
gzip
etag
W/"3e373a50103fcfa97c08662c5512763a"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:40 GMT
date
Mon, 07 Oct 2024 13:53:10 GMT
last-modified
Tue, 30 Jul 2024 17:37:37 GMT
content-type
text/javascript
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68122168 2VNN RT(1728309189603 769) q(0 4 4 -1) r(5 5)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
37586
x-xss-protection
1; mode=block
44b0601.css
www.sans.org/_nuxt/css/
28 KB
5 KB
Stylesheet
General
Full URL
https://www.sans.org/_nuxt/css/44b0601.css
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d3aca8f061e58208d25e5a8baefdcdca43dfe9317d742b311c9021f1fbd4e0b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf

Response headers

content-encoding
gzip
etag
W/"eea294a8e50ae3ed406dc4374f6ad543"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:40 GMT
date
Mon, 07 Oct 2024 13:53:10 GMT
last-modified
Wed, 10 Jul 2024 08:50:43 GMT
content-type
text/css
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68122211 2VNN RT(1728309189603 711) q(0 0 0 -1) r(1 1)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
4554
x-xss-protection
1; mode=block
abc2e3f.js
www.sans.org/_nuxt/
1 KB
755 B
Script
General
Full URL
https://www.sans.org/_nuxt/abc2e3f.js
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0062916450081cbccd3916606660850883a2996207ef459f7b0bb4fc1c17a015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf

Response headers

content-encoding
gzip
etag
W/"8f1bc7459f24149b6438a0af01aba9bc"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:40 GMT
date
Mon, 07 Oct 2024 13:53:10 GMT
last-modified
Tue, 10 Sep 2024 04:17:24 GMT
content-type
text/javascript
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68120944 2VNN RT(1728309189603 770) q(0 4 4 -1) r(6 6)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
610
x-xss-protection
1; mode=block
290x100_mega_nav_train_and_certify.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blte8be34fc229589b9/6273dce3941a2939d3d00f0e/
31 KB
31 KB
Image
General
Full URL
https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blte8be34fc229589b9/6273dce3941a2939d3d00f0e/290x100_mega_nav_train_and_certify.jpg
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
a0aa5707b114579a33f6bd2f1e5bdb28399e0a76431d31c34733664a8b6e2b8f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

fastly-io-info
ifsz=37144 idim=290x100 ifmt=jpeg ofsz=31269 odim=290x100 ofmt=jpeg
x-request-id
f68b8b960eb3891d86abc97186db9803
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
etag
"ur4XIkLCdBCQfPyRP00VapGVVBhgJPmmf66qwioL8ck"
x-cache
HIT, HIT
date
Mon, 07 Oct 2024 13:53:11 GMT
content-disposition
inline; filename=290x100_mega_nav_train_and_certify.jpg
x-served-by
cache-sjc1000138-SJC, cache-bur-kbur8200046-BUR
x-runtime
164ms
content-type
image/jpeg
x-contentstack-organization
blt848504a4924ca8db
x-cache-hits
24, 0
fastly-stats
io=1
cache-control
max-age=31536000
x-timer
S1728309191.354747,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
31269
fastly-io-served-by
vpop-haf2300702
server
contentstack
290x100_mega_nav9_manage_your_team.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltf47dc15d424f72e4/6273dce39dad2234e4d02e02/
29 KB
29 KB
Image
General
Full URL
https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltf47dc15d424f72e4/6273dce39dad2234e4d02e02/290x100_mega_nav9_manage_your_team.jpg
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
37cba10e43067a0214b42d54d09875849f601a914a463c0c1fcacd299070396b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

fastly-io-info
ifsz=36921 idim=290x100 ifmt=jpeg ofsz=29320 odim=290x100 ofmt=jpeg
x-request-id
69c9283df87b61080a818ceaba5a4b91
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
etag
"f/BsIxvXpi+LUiglRdzDmSa5H5VWOCU6sjXxA/YGaAY"
x-cache
HIT, HIT
date
Mon, 07 Oct 2024 13:53:11 GMT
content-disposition
inline; filename=290x100_mega_nav9_manage_your_team.jpg
x-served-by
cache-sjc10077-SJC, cache-bur-kbur8200046-BUR
x-runtime
134ms
content-type
image/jpeg
x-contentstack-organization
blt848504a4924ca8db
x-cache-hits
24, 0
fastly-stats
io=1
cache-control
max-age=31536000
x-timer
S1728309191.354731,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
29320
fastly-io-served-by
vpop-haf2300711
server
contentstack
290x100_mega_nav3_security_awareness.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt1733d7a8ff26d5ad/6273dce39dfd5f30d076efa0/
30 KB
30 KB
Image
General
Full URL
https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt1733d7a8ff26d5ad/6273dce39dfd5f30d076efa0/290x100_mega_nav3_security_awareness.jpg
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
c1236d3af38b7d049eca1f27f6b2a7acedbf1d6168cee99138ab4730a24fdd6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

fastly-io-info
ifsz=38019 idim=290x100 ifmt=jpeg ofsz=30674 odim=290x100 ofmt=jpeg
x-request-id
b2034ef1568843b14864fca42efa7c08
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
etag
"qe3T/381iNlLOnvLkI8GwieG5sLQrJbKsEGMM4CZXvQ"
x-cache
HIT, HIT
date
Mon, 07 Oct 2024 13:53:11 GMT
content-disposition
inline; filename=290x100_mega_nav3_security_awareness.jpg
x-served-by
cache-sjc1000095-SJC, cache-bur-kbur8200046-BUR
x-runtime
88ms
content-type
image/jpeg
x-contentstack-organization
blt848504a4924ca8db
x-cache-hits
24, 0
fastly-stats
io=1
cache-control
max-age=31536000
x-timer
S1728309191.441394,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30674
fastly-io-served-by
vpop-haf2300703
server
contentstack
290x100_mega_nav4_resources.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt08fed20a2b957c76/6273dce36ed4423afc98e390/
25 KB
26 KB
Image
General
Full URL
https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt08fed20a2b957c76/6273dce36ed4423afc98e390/290x100_mega_nav4_resources.jpg
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
7d30435414031894c25be74ea98bde63a851f84e547ea6d942b21f1f0a37e233

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

fastly-io-info
ifsz=30358 idim=290x100 ifmt=jpeg ofsz=25883 odim=290x100 ofmt=jpeg
x-request-id
df53438d38225364265ceb4f4496e631
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
etag
"J3lljs423xd5iHf5RMtOG2DoSQ61d/vuzRDhhlKLfTc"
x-cache
HIT, HIT
date
Mon, 07 Oct 2024 13:53:11 GMT
content-disposition
inline; filename=290x100_mega_nav4_resources.jpg
x-served-by
cache-sjc10033-SJC, cache-bur-kbur8200046-BUR
x-runtime
65ms
content-type
image/jpeg
x-contentstack-organization
blt848504a4924ca8db
x-cache-hits
23, 0
fastly-stats
io=1
cache-control
max-age=31536000
x-timer
S1728309192.515324,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
25883
fastly-io-served-by
vpop-haf2300703
server
contentstack
290x100_mega_nav_get_involved.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltbe97e5485d2294e7/6273dce33debbf3afdd2d898/
30 KB
30 KB
Image
General
Full URL
https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltbe97e5485d2294e7/6273dce33debbf3afdd2d898/290x100_mega_nav_get_involved.jpg
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
02341acfd22526ad4569d86455a9c94ab08194bd40f329df6577362aa9fe78ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

fastly-io-info
ifsz=40093 idim=290x100 ifmt=jpeg ofsz=30887 odim=290x100 ofmt=jpeg
x-request-id
820a02b6bc3f3ed3197be9d959c072ba
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
etag
"M9g1vX/vuvTRmfGhW9YO83JI/S+4buwsymkaIHVUzWg"
x-cache
HIT, HIT
date
Mon, 07 Oct 2024 13:53:11 GMT
content-disposition
inline; filename=290x100_mega_nav_get_involved.jpg
x-served-by
cache-sjc10077-SJC, cache-bur-kbur8200046-BUR
x-runtime
66ms
content-type
image/jpeg
x-contentstack-organization
blt848504a4924ca8db
x-cache-hits
22, 0
fastly-stats
io=1
cache-control
max-age=31536000
x-timer
S1728309192.520623,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30887
fastly-io-served-by
vpop-haf2300701
server
contentstack
290x100_mega_nav7_about_us.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltb48ea6f22e3c9a94/6273dce3d2794936634fa557/
25 KB
25 KB
Image
General
Full URL
https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltb48ea6f22e3c9a94/6273dce3d2794936634fa557/290x100_mega_nav7_about_us.jpg
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
0e7dcd24f724760d2fc0950cb5343c41a414499feb22339cb69d4a3101b2684b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

fastly-io-info
ifsz=31505 idim=290x100 ifmt=jpeg ofsz=25821 odim=290x100 ofmt=jpeg
x-request-id
9af6613631ad83064bc204d540eab9cf
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
etag
"CIRcbJFjAy7h9liVtoFgnwKLnwTXgjl/pfwHCIc9bdI"
x-cache
HIT, HIT
date
Mon, 07 Oct 2024 13:53:11 GMT
content-disposition
inline; filename=290x100_mega_nav7_about_us.jpg
x-served-by
cache-sjc1000125-SJC, cache-bur-kbur8200046-BUR
x-runtime
61ms
content-type
image/jpeg
x-contentstack-organization
blt848504a4924ca8db
x-cache-hits
22, 0
fastly-stats
io=1
cache-control
max-age=31536000
x-timer
S1728309192.540236,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
25821
fastly-io-served-by
vpop-haf2300711
server
contentstack
/
addsearch.com/js/
2 KB
981 B
Script
General
Full URL
https://addsearch.com/js/?key=58b8a4a0d3818cf198ff88f660f8f8f9
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.174.193.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-193-21.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f6c3e9b09c8cf82c17e6b37dcd3d1fe6f643d908ef6a638b2908fe257b1fd060

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

Content-Encoding
gzip
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
734
Date
Mon, 07 Oct 2024 13:53:11 GMT
Content-Type
application/javascript;charset=UTF-8
Vary
Accept-Encoding
Server
nginx
_Incapsula_Resource
www.sans.org/
83 KB
20 KB
Script
General
Full URL
https://www.sans.org/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1075281764
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f1d10dcec893755a761040ab7e82d89a623254639639bb080dca2b69ca0a419c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-robots-tag
noindex
cache-control
no-cache, no-store
content-encoding
gzip
expect-ct
max-age=86400, enforce
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-length
20169
x-xss-protection
1; mode=block
content-type
application/javascript
x-frame-options
SAMEORIGIN
gtm.js
www.googletagmanager.com/
379 KB
106 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5T9DW3B
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d00cff0558e199b2f61f0aaad199380a689e24e6be501790ca520eb831760e09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 07 Oct 2024 13:53:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 13:53:11 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 07 Oct 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107840
x-xss-protection
0
server
Google Tag Manager
logo-sans.d72c7e5.svg
www.sans.org/_nuxt/img/
4 KB
2 KB
Image
General
Full URL
https://www.sans.org/_nuxt/img/logo-sans.d72c7e5.svg
Requested by
Host: www.sans.org
URL: https://www.sans.org/_nuxt/css/0b9976d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
be3b161eca24051313cc59d561426001989e585ef63bfb64336994902d2322c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/_nuxt/css/0b9976d.css

Response headers

content-encoding
gzip
etag
W/"e647dc13abbda64092e117c11ba75b06"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:41 GMT
date
Mon, 07 Oct 2024 13:53:11 GMT
last-modified
Tue, 30 Jul 2024 14:35:52 GMT
content-type
image/svg+xml
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68122168 2VNN RT(1728309189603 1158) q(0 2 2 -1) r(4 4)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
1646
x-xss-protection
1; mode=block
truncated
/
342 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b698a7613b5699ab82438105b51d1391ffa6103ce23ad2068e7f66479d1e2baf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
menu-chevron.510467e.svg
www.sans.org/_nuxt/img/
1 KB
841 B
Image
General
Full URL
https://www.sans.org/_nuxt/img/menu-chevron.510467e.svg
Requested by
Host: www.sans.org
URL: https://www.sans.org/_nuxt/css/0b9976d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
78ca04ceaa354592535991dc60ee768438f0ee7ced1224c5b8e8bd5e5a24898c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/_nuxt/css/0b9976d.css

Response headers

content-encoding
gzip
etag
W/"e41be18adbcfd205935e1869c7d110dc"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:41 GMT
date
Mon, 07 Oct 2024 13:53:11 GMT
last-modified
Tue, 30 Jul 2024 14:35:52 GMT
content-type
image/svg+xml
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68123373 2VNN RT(1728309189603 1153) q(0 1 1 -1) r(3 3)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
719
x-xss-protection
1; mode=block
search-icon-blue.2982038.svg
www.sans.org/_nuxt/img/
1 KB
743 B
Image
General
Full URL
https://www.sans.org/_nuxt/img/search-icon-blue.2982038.svg
Requested by
Host: www.sans.org
URL: https://www.sans.org/_nuxt/css/0b9976d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0291038e1dab29b2b5d6ee42c102c6249b47e141ac84a88e5b335236474ac129
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/_nuxt/css/0b9976d.css

Response headers

content-encoding
gzip
etag
W/"32c818c97941c024172c43d7db55b330"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:41 GMT
date
Mon, 07 Oct 2024 13:53:11 GMT
last-modified
Tue, 30 Jul 2024 14:35:52 GMT
content-type
image/svg+xml
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68120944 2VNN RT(1728309189603 1155) q(0 2 2 -1) r(4 4)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
605
x-xss-protection
1; mode=block
truncated
/
532 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ddf1c3008869a04f57100949a5540f5cd285d893181070e68ae3d051e97c290

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
next-grey.93bc860.svg
www.sans.org/_nuxt/img/
1 KB
931 B
Image
General
Full URL
https://www.sans.org/_nuxt/img/next-grey.93bc860.svg
Requested by
Host: www.sans.org
URL: https://www.sans.org/_nuxt/css/8b5de72.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
df6379fe8c34adfb99a5983b564a2c050fde0b61244171c78ebdf08109379603
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/_nuxt/css/8b5de72.css

Response headers

content-encoding
gzip
etag
W/"87d2e36c53ab1a37eef9729d41c619e5"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:41 GMT
date
Mon, 07 Oct 2024 13:53:11 GMT
last-modified
Tue, 30 Jul 2024 14:35:52 GMT
content-type
image/svg+xml
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68122177 2VNN RT(1728309189603 1150) q(0 1 1 -1) r(3 3)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
728
x-xss-protection
1; mode=block
truncated
/
416 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3386c3271fed365e713b17e8c7dd51cee0a7a8617c338129507ec06ef09d8145

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
facebook-blue.fbb90bb.svg
www.sans.org/_nuxt/img/
1 KB
746 B
Image
General
Full URL
https://www.sans.org/_nuxt/img/facebook-blue.fbb90bb.svg
Requested by
Host: www.sans.org
URL: https://www.sans.org/_nuxt/css/44b0601.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c00f9dc81a56d6a9ff84c25d8c7f22c3712dd8fee84754e2a6ae44182c091996
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/_nuxt/css/44b0601.css

Response headers

content-encoding
gzip
etag
W/"93defae861d9dfebc162c3e80e2b8a60"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:41 GMT
date
Mon, 07 Oct 2024 13:53:11 GMT
last-modified
Tue, 30 Jul 2024 14:35:52 GMT
content-type
image/svg+xml
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68122211 2VNN RT(1728309189603 1512) q(0 0 0 -1) r(1 1)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
624
x-xss-protection
1; mode=block
youtube-blue.531e101.svg
www.sans.org/_nuxt/img/
4 KB
2 KB
Image
General
Full URL
https://www.sans.org/_nuxt/img/youtube-blue.531e101.svg
Requested by
Host: www.sans.org
URL: https://www.sans.org/_nuxt/css/44b0601.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
76e987438e99c6477838308a149d379d791c4e9692e53f15627d68b5d93cd999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/_nuxt/css/44b0601.css

Response headers

content-encoding
gzip
etag
W/"89a0b71d2580a9e3806d565f33d22b99"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:41 GMT
date
Mon, 07 Oct 2024 13:53:11 GMT
last-modified
Tue, 30 Jul 2024 14:35:52 GMT
content-type
image/svg+xml
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68120944 2VNN RT(1728309189603 1528) q(0 0 0 -1) r(1 1)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
1815
x-xss-protection
1; mode=block
linkedin-blue.6a18be7.svg
www.sans.org/_nuxt/img/
1 KB
807 B
Image
General
Full URL
https://www.sans.org/_nuxt/img/linkedin-blue.6a18be7.svg
Requested by
Host: www.sans.org
URL: https://www.sans.org/_nuxt/css/44b0601.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
3332992e96bc009b7a3acfd8484ea65a8b07649aad73abbac8d4973952d93604
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/_nuxt/css/44b0601.css

Response headers

content-encoding
gzip
etag
W/"26f7a680215b7b77cd63af3eb0821b91"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:41 GMT
date
Mon, 07 Oct 2024 13:53:11 GMT
last-modified
Tue, 30 Jul 2024 14:35:52 GMT
content-type
image/svg+xml
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68123373 2VNN RT(1728309189603 1535) q(0 0 0 -1) r(2 2)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
684
x-xss-protection
1; mode=block
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v11/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v11/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: www.sans.org
URL: https://www.sans.org/_nuxt/css/13805fc.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f94.1e100.net
Software
sffe /
Resource Hash
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.sans.org
Referer
https://www.sans.org/

Response headers

age
500675
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 18:48:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 18:48:36 GMT
last-modified
Mon, 22 Jul 2019 19:26:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
45416
x-xss-protection
0
server
sffe
ClearSans-Regular.b987360.woff2
www.sans.org/_nuxt/fonts/
44 KB
44 KB
Font
General
Full URL
https://www.sans.org/_nuxt/fonts/ClearSans-Regular.b987360.woff2
Requested by
Host: www.sans.org
URL: https://www.sans.org/_nuxt/css/13805fc.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
602358d68544ed2d54986ebd6ae716461cd6d68433e99f2e1ca63d2a284034c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.sans.org
Referer
https://www.sans.org/_nuxt/css/13805fc.css

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68115511 2VNN RT(1728309189603 1160) q(0 0 0 -1) r(3 3)
cache-control
max-age=30, public
etag
"4dd5d02bf54ad96ae7d03bf6cef6a966"
x-cdn
Imperva
expect-ct
max-age=86400, enforce
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:41 GMT
content-length
44664
date
Mon, 07 Oct 2024 13:53:11 GMT
x-xss-protection
1; mode=block
last-modified
Tue, 30 Jul 2024 14:35:52 GMT
content-type
font/woff2
x-frame-options
SAMEORIGIN
ClearSans-Bold.e87c5b4.woff2
www.sans.org/_nuxt/fonts/
43 KB
43 KB
Font
General
Full URL
https://www.sans.org/_nuxt/fonts/ClearSans-Bold.e87c5b4.woff2
Requested by
Host: www.sans.org
URL: https://www.sans.org/_nuxt/css/13805fc.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a5e810c538d9ac115faaaa527625164da813013d225ad8b3f7bf19a3ccc409f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.sans.org
Referer
https://www.sans.org/_nuxt/css/13805fc.css

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68101374 2VNN RT(1728309189603 1161) q(0 0 0 -1) r(2 2)
cache-control
max-age=30, public
etag
"76687bf10bd465fe4da2b0a2b52a7b7a"
x-cdn
Imperva
expect-ct
max-age=86400, enforce
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:40 GMT
content-length
44176
date
Mon, 07 Oct 2024 13:53:10 GMT
x-xss-protection
1; mode=block
last-modified
Tue, 30 Jul 2024 14:35:52 GMT
content-type
font/woff2
x-frame-options
SAMEORIGIN
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v11/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v11/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: www.sans.org
URL: https://www.sans.org/_nuxt/css/13805fc.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.174.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qc-in-f94.1e100.net
Software
sffe /
Resource Hash
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.sans.org
Referer
https://www.sans.org/

Response headers

age
500675
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 18:48:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 18:48:36 GMT
last-modified
Mon, 22 Jul 2019 19:27:34 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
46988
x-xss-protection
0
server
sffe
/
addsearch.com/searchui/v3/
55 KB
14 KB
Script
General
Full URL
https://addsearch.com/searchui/v3/?key=58b8a4a0d3818cf198ff88f660f8f8f9&i=
Requested by
Host: addsearch.com
URL: https://addsearch.com/js/?key=58b8a4a0d3818cf198ff88f660f8f8f9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.174.193.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-193-21.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1c0c5ff0b154bb67af4fb0e2b9d7cb3d233807021023428e2a9d62a809d054b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
Connection
keep-alive
Access-Control-Allow-Origin
*
Date
Mon, 07 Oct 2024 13:53:12 GMT
Content-Type
application/javascript;charset=UTF-8
Vary
Accept-Encoding
Server
nginx
api.js
www.google.com/recaptcha/
1 KB
971 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: www.sans.org
URL: https://www.sans.org/_nuxt/5150ca9.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f105.1e100.net
Software
ESF /
Resource Hash
682b88f0f1fd5bf42172003133508163ff6e590471e29e305417ff645123b95b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Mon, 07 Oct 2024 13:53:12 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
a4995a7.js
www.sans.org/_nuxt/
105 B
226 B
Script
General
Full URL
https://www.sans.org/_nuxt/a4995a7.js
Requested by
Host: www.sans.org
URL: https://www.sans.org/_nuxt/5a065f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c2f04545e21ecaf5a7be05b7d11c4677d8bc2f35263544fe517d02ec07621519
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf

Response headers

content-encoding
gzip
etag
"ab04be2646cd94f62f16e6c66fc090d1"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:41 GMT
date
Mon, 07 Oct 2024 13:53:11 GMT
last-modified
Thu, 03 Oct 2024 23:51:05 GMT
content-type
text/javascript
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68122168 2VNN RT(1728309189603 1633) q(0 0 0 -1) r(2 2)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
108
x-xss-protection
1; mode=block
_Incapsula_Resource
www.sans.org/
1 B
41 B
Image
General
Full URL
https://www.sans.org/_Incapsula_Resource?SWKMTFSR=1&e=0.792579363868507
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-robots-tag
noindex
cache-control
no-cache, no-store
expect-ct
max-age=86400, enforce
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
content-length
1
x-xss-protection
1; mode=block
content-type
text/plain
x-frame-options
SAMEORIGIN
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
sp.min.js
cdn.jsdelivr.net/npm/@snowplow/javascript-tracker@3.5.0/dist/
73 KB
24 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@snowplow/javascript-tracker@3.5.0/dist/sp.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T9DW3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76039a26bb3656600240ac08bc5f0ce450661977af129ab9c746ea4efe45a1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

access-control-expose-headers
*
content-encoding
gzip
cf-cache-status
HIT
etag
W/"12364-F9/xW8QJROE2aN3C47q1tjOoX0s"
age
13307622
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=imdxwvafFoZzVRZVoG%2FlAqc9fNctNW0lrkMO%2F0hUzkde8VcsX%2BVxRDBLrFnchauZIX8cFEh6Q9Rn5a455hHJR%2BIeEkDE8Gzpw%2BMEq3iyeBVrlNzZyUyBzT1XDfIMo6cUFYe%2Fd0gUsoEe8A3PBwg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
x-cache
HIT, HIT
date
Mon, 07 Oct 2024 13:53:12 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230095-FRA, cache-lga21923-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8cee60448b352ef9-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
24276
server
cloudflare
x-jsd-version
3.5.0
otSDKStub.js
cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/
20 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/otSDKStub.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T9DW3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c1d20eedda5c5fd996d82d5d3b87a3a6da24735fe96458bff21d13d3cc1d1e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

content-md5
1C7BuQ3LGAlBcdxyvs3Sgw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCB71B1D7DE39A
age
61244
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Tue, 08 Oct 2024 13:53:12 GMT
date
Mon, 07 Oct 2024 13:53:12 GMT
content-type
application/javascript
last-modified
Wed, 07 Aug 2024 19:57:06 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
a861bc67-801e-00d1-1a03-e92ed5000000
cf-ray
8cee60448ab10cd7-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
6884
x-ms-blob-type
BlockBlob
server
cloudflare
47958af.css
www.sans.org/_nuxt/css/
40 KB
5 KB
Stylesheet
General
Full URL
https://www.sans.org/_nuxt/css/47958af.css
Requested by
Host: www.sans.org
URL: https://www.sans.org/_nuxt/5a065f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8396fb5d37c2a74a050a68fde26f1867f59ca4ecdbd8ab9c1836133ed3d8b3b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf

Response headers

content-encoding
gzip
etag
W/"013fa559c39775c7964ece8a00416198"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:41 GMT
date
Mon, 07 Oct 2024 13:53:11 GMT
last-modified
Wed, 10 Jul 2024 08:50:43 GMT
content-type
text/css
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68122168 2VNN RT(1728309189603 1920) q(0 0 0 -1) r(2 2)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
4884
x-xss-protection
1; mode=block
46efede.js
www.sans.org/_nuxt/
2 KB
832 B
Script
General
Full URL
https://www.sans.org/_nuxt/46efede.js
Requested by
Host: www.sans.org
URL: https://www.sans.org/_nuxt/5a065f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d3b022b3a9c6007c308bb0b0496e7c6b7482e8a67bdf3fc9b117853e60ee944c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf

Response headers

content-encoding
gzip
etag
W/"1de3283a29d96e9b4c4ffddc335bd51b"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:41 GMT
date
Mon, 07 Oct 2024 13:53:11 GMT
last-modified
Tue, 30 Jul 2024 17:37:38 GMT
content-type
text/javascript
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68120944 2VNN RT(1728309189603 1928) q(0 0 0 -1) r(1 1)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
656
x-xss-protection
1; mode=block
268d68a.css
www.sans.org/_nuxt/css/
40 KB
5 KB
Stylesheet
General
Full URL
https://www.sans.org/_nuxt/css/268d68a.css
Requested by
Host: www.sans.org
URL: https://www.sans.org/_nuxt/5a065f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
386949dbfc906b9fde8b158cdb43608c1dba1fc06badc9064380fe43bbc77349
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf

Response headers

content-encoding
gzip
etag
W/"e7a2a41f6ad0d42f25108023ddc917a5"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:41 GMT
date
Mon, 07 Oct 2024 13:53:11 GMT
last-modified
Wed, 10 Jul 2024 08:50:43 GMT
content-type
text/css
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68122211 2VNN RT(1728309189603 1924) q(0 0 0 -1) r(2 2)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
4763
x-xss-protection
1; mode=block
437050c.js
www.sans.org/_nuxt/
10 KB
3 KB
Script
General
Full URL
https://www.sans.org/_nuxt/437050c.js
Requested by
Host: www.sans.org
URL: https://www.sans.org/_nuxt/5a065f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
898325d90596c086d84594911f4308c209b99ee350b50e22c1cdd078332a297d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf

Response headers

content-encoding
gzip
etag
W/"60f1bc373f0f9f20d4988726c8ca8a2d"
expect-ct
max-age=86400, enforce
x-content-type-options
nosniff
expires
Mon, 07 Oct 2024 13:53:41 GMT
date
Mon, 07 Oct 2024 13:53:11 GMT
last-modified
Tue, 30 Jul 2024 17:37:38 GMT
content-type
text/javascript
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-iinfo
7-68123281-68123373 2VNN RT(1728309189603 1931) q(0 0 0 -1) r(1 1)
cache-control
max-age=30, public
x-cdn
Imperva
referrer-policy
strict-origin-when-cross-origin
content-length
3367
x-xss-protection
1; mode=block
recaptcha__en.js
www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/
539 KB
213 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.144.94 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
qv-in-f94.1e100.net
Software
sffe /
Resource Hash
b5e8ec5d4dcc080657deb2d004f65d974bf4ec9e9aa5d621e10749182fff8731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.sans.org
Referer
https://www.sans.org/

Response headers

content-encoding
gzip
age
443593
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Thu, 02 Oct 2025 10:39:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 02 Oct 2024 10:39:59 GMT
last-modified
Mon, 23 Sep 2024 04:00:50 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
218137
x-xss-protection
0
server
sffe
tp2
api.sans.org/event-stream/collect/snowplow/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://api.sans.org/event-stream/collect/snowplow/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; upgrade-insecure-requests;
Strict-Transport-Security includeSubdomains; preload; max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.sans.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Referer,User-Agent,sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.sans.org
content-security-policy
default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; upgrade-insecure-requests;
content-type
application/json
date
Mon, 07 Oct 2024 13:53:12 GMT
referrer-policy
no-referrer-when-downgrade
strict-transport-security
includeSubdomains; preload; max-age=31536000
vary
Origin
x-amz-apigw-id
fSEnbFcRIAMFyjQ=
x-amzn-requestid
0096759c-153e-40b5-bc5b-50ba80b1619b
x-amzn-trace-id
Root=1-6703e7c8-0b3d03e06766fc006f725ed7
x-cdn
Imperva
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-iinfo
5-63528764-63528774 NNNN CT(61 68 0) RT(1728309191800 73) q(0 0 2 0) r(2 2) U24
x-xss-protection
1; mode=block
tp2
api.sans.org/event-stream/collect/snowplow/com.snowplowanalytics.snowplow/
0
834 B
XHR
General
Full URL
https://api.sans.org/event-stream/collect/snowplow/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@snowplow/javascript-tracker@3.5.0/dist/sp.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; upgrade-insecure-requests;
Strict-Transport-Security includeSubdomains; preload; max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer
https://www.sans.org/

Response headers

x-amzn-remapped-content-length
0
x-amzn-remapped-connection
keep-alive
x-content-type-options
nosniff
x-amzn-requestid
e1a1166b-ad64-4955-934a-d4d244433d17
date
Mon, 07 Oct 2024 13:53:13 GMT
content-type
application/json
vary
Origin
x-frame-options
SAMEORIGIN
strict-transport-security
includeSubdomains; preload; max-age=31536000
x-iinfo
7-68123281-68123602 NNNN CT(55 56 0) RT(1728309189603 2530) q(0 1 2 105) r(3 3) U24
content-security-policy
default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; upgrade-insecure-requests;
x-amz-apigw-id
fSEnfFumoAMF0eg=
x-amzn-remapped-date
Mon, 07 Oct 2024 13:53:13 GMT
x-cdn
Imperva
x-amzn-trace-id
Root=1-6703e7c9-4604dddf6d43a6456f526890
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
https://www.sans.org
content-length
0
x-xss-protection
1; mode=block
b943c60c-995d-4bbc-943e-56b9f742642c.json
cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/
5 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/b943c60c-995d-4bbc-943e-56b9f742642c.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19e69e2a7d7342a398d73ee1baf1a7c137fd278b787f0e2c82d49728fe9d3890
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

content-md5
wGZGE1/gIVIBcLiYLX9eUA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCB71B1D5663B3
age
60046
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Tue, 08 Oct 2024 13:53:12 GMT
date
Mon, 07 Oct 2024 13:53:12 GMT
content-type
application/json
last-modified
Wed, 07 Aug 2024 19:57:06 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
29ceea1b-401e-0088-7103-e92b53000000
cf-ray
8cee6045ffed78e6-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
1784
x-ms-blob-type
BlockBlob
server
cloudflare
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
71 B
318 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da8a6638ad70698ad3d01aa0ef124aebe35c297685c0796b174822f597b1d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept
application/json
Referer
https://www.sans.org/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS
cf-ray
8cee60475e0b7ba1-LAX
access-control-allow-origin
*
date
Mon, 07 Oct 2024 13:53:12 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202311.1.0/
427 KB
103 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43f53421fef96a525b5fc208f6a59bd72479f0d9816dba0a416f68ee81d648a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

content-md5
1EE1PYD7uD6VTAMrTql67g==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5D34632AA7A
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
62731
x-content-type-options
nosniff
date
Mon, 07 Oct 2024 13:53:12 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 20:10:01 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
c028eac3-501e-009c-0ebe-d7e837000000
cf-ray
8cee6047edfc0cd7-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
105094
x-ms-blob-type
BlockBlob
server
cloudflare
anchor
www.google.com/recaptcha/api2/ Frame 3CB4
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRaE8aAAAAAOB9CLy-hHWeafmpvmYkeMpCXrWO&co=aHR0cHM6Ly93d3cuc2Fucy5vcmc6NDQz&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=5r1vvvgscxv5
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f147.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-528uSPpCePPhkVhTMc2gqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sans.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-528uSPpCePPhkVhTMc2gqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 07 Oct 2024 13:53:13 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
en.json
cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/3d660176-e7c1-43d3-85d9-e7c1d5aad5e0/
91 KB
19 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/3d660176-e7c1-43d3-85d9-e7c1d5aad5e0/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7837960def38478061c81b8eb8418bf98cc34a67c65e03c5a10abfa5ab55e214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

content-md5
DsdmtnNI9iVJsGR2bTQMKg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DCB71B1D6E3DB0
age
60046
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Tue, 08 Oct 2024 13:53:13 GMT
date
Mon, 07 Oct 2024 13:53:13 GMT
content-type
application/json
last-modified
Wed, 07 Aug 2024 19:57:06 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
dcbe40ea-f01e-003b-7403-e9d1d4000000
cf-ray
8cee6048da9878e6-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
19382
x-ms-blob-type
BlockBlob
server
cloudflare
otFlat.json
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

content-md5
GIzNmS9Em9y5nN4NL57NeA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5D340F5F432
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
60465
x-content-type-options
nosniff
date
Mon, 07 Oct 2024 13:53:13 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 20:09:52 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
f9e215ab-e01e-0024-14cb-d70ac4000000
cf-ray
8cee60499b7b78e6-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
3017
x-ms-blob-type
BlockBlob
server
cloudflare
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

content-md5
c7xAZ9MSGAobGaTYg/Qtag==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
54025
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 07 Oct 2024 13:53:13 GMT
content-type
text/css
last-modified
Tue, 16 Jul 2024 20:10:05 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
3d2c1a9d-d01e-00a4-1654-d8a96e000000
cf-ray
8cee60499b7e78e6-LAX
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
js
www.googletagmanager.com/gtag/
299 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-18EC69JQ0P&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T9DW3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::61 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f898115974858eed5c6d39f498eab325d7b225708ccbda857eaf185e0e6b47a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 07 Oct 2024 13:53:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 13:53:13 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
101745
x-xss-protection
0
server
Google Tag Manager
hotjar-609302.js
static.hotjar.com/c/
20 KB
7 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-609302.js?sv=6
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-49.iad55.r.cloudfront.net
Software
/
Resource Hash
95250041e6ed5d53b3d84f8d201e5f713bc7b8cc5bc8ff11e6a9e52401215f2e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
content-encoding
br
etag
W/21d9e34c56fcfe6ce2a0e85cb36c2518
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
x-cache-hit
1
via
1.1 aef197034a978e986954f2826c90b090.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
x-amz-cf-id
5fqMm3tD1jTmDcePiYsywaDso4Kma0EZdlK2XVEl4xqfN4Bl_GXiTA==
date
Mon, 07 Oct 2024 13:53:13 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
IAD55-P1
insight.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:5::17c7:3719 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

cache-control
max-age=18600
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Mon, 07 Oct 2024 13:53:13 GMT
last-modified
Thu, 22 Aug 2024 10:43:55 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
vbpx.js
s.vibe.co/
5 KB
3 KB
Script
General
Full URL
https://s.vibe.co/vbpx.js
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:d000:2:6431:e200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8c1b3c9f4addf1de528eaee3bd6326f78d80955e57628518543a4de838c50a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

content-encoding
gzip
etag
"680efddb9266d880335ef5dcc6a71568"
age
4762
x-cache
Hit from cloudfront
x-amz-cf-id
fsxneO5mwbeVXSV2b0ro4iW68iGLgsPj3s1EELMTyhhzBPoqHkiF5A==
date
Mon, 07 Oct 2024 12:33:51 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 11 Sep 2024 13:08:02 GMT
cache-control
max-age=31536000, no-transform, public
via
1.1 e80aeefdda01afc3c41fc332ff42e7ac.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2247
x-amz-cf-pop
JFK50-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-18EC69JQ0P&gtm=45je4a20v897849904z8813203220za200zb813203220&_p=1728309191490&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101529665~101671035~101747727&cid=2041574246.1728309193&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1728309193&sct=1&seg=0&dl=https%3A%2F%2Fwww.sans.org%2Fdigital-forensics-incident-response%2Fmedia%2Fposter_2014_find_evil.pdf&dt=404%20-%20Page%20Not%20Found&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3152
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-18EC69JQ0P&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.sans.org
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 13:53:13 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
543 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-18EC69JQ0P&cid=2041574246.1728309193&gtm=45je4a20v897849904z8813203220za200zb813203220&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101529665~101671035~101747727
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-18EC69JQ0P&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.sans.org
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 13:53:13 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 1F1F
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-18EC69JQ0P&gacid=2041574246.1728309193&gtm=45je4a20v897849904z8813203220za200zb813203220&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101529665~101671035~101747727&z=1342106602
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-18EC69JQ0P&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::9d Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sans.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 07 Oct 2024 13:53:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
s
t.vibe.co/pixel/
16 B
151 B
XHR
General
Full URL
https://t.vibe.co/pixel/s?aid=Rl3x38&cid=1772eed0-cdda-4601-955e-fe4538000f06&gid=GA1.1.2041574246.1728309193&eid=9b5d01f9-bc72-4b34-baa7-c4070645f897&a=page_view&ed=&v=3&url=https%3A%2F%2Fwww.sans.org%2Fdigital-forensics-incident-response%2Fmedia%2Fposter_2014_find_evil.pdf&ifr=0&ref=&ts=1728309193622&sr=1600x1200&vp=1600x1200&trk=trkid&t=xhr
Requested by
Host: s.vibe.co
URL: https://s.vibe.co/vbpx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.11.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-11-170.compute-1.amazonaws.com
Software
/
Resource Hash
cca55903fc065c308bc958d7cebc0f93c5fdf986deab6c1709d9f63aea917c73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

access-control-allow-origin
https://www.sans.org
content-length
16
date
Mon, 07 Oct 2024 13:53:13 GMT
content-type
application/json
access-control-allow-credentials
true
attribution_trigger
px.ads.linkedin.com/
2 B
763 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=118983&time=1728309193628&url=https%3A%2F%2Fwww.sans.org%2Fdigital-forensics-incident-response%2Fmedia%2Fposter_2014_find_evil.pdf
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*
Referer
https://www.sans.org/

Response headers

x-li-pop
afd-prod-ltx1-x
content-encoding
gzip
x-fs-uuid
000623e3578f1fc456d5c2dd210ef093
x-msedge-ref
Ref A: AB1F60BEA0F2410D9D25A64A26DEF70D Ref B: LAX311000112017 Ref C: 2024-10-07T13:53:13Z
x-li-fabric
prod-ltx1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYj41ePH8RW1cLdIQ7wkw==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Mon, 07 Oct 2024 13:53:13 GMT
content-type
application/json
access-control-allow-headers
*
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=118983&time=1728309193628&url=https%3A%2F%2Fwww.sans.org%2Fdigital-forensics-incident-response%2Fmedia%2Fposter_2014_find_evil.pdf
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=118983&time=1728309193628&url=https%3A%2F%2Fwww.sans.org%2Fdigital-forensics-incident-response%2Fmedia%2Fposter_2014_find_evil.pdf&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D118983%26time%3D1728309193628%26url%3Dhttps%253A%252F%252Fwww.sans.org%252Fdigita...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=118983&time=1728309193628&url=https%3A%2F%2Fwww.sans.org%2Fdigital-forensics-incident-response%2Fmedia%2Fposter_2014_find_evil.pdf&cookiesTest=tru...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=118983&time=1728309193628&url=https%3A%2F%2Fwww.sans.org%2Fdigital-forensics-incident-response%2Fmedia%2Fposter_2014_find_evil.pdf&cookiesTest=tr...
0
490 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=118983&time=1728309193628&url=https%3A%2F%2Fwww.sans.org%2Fdigital-forensics-incident-response%2Fmedia%2Fposter_2014_find_evil.pdf&cookiesTest=true&liSync=true&e_ipv6=AQI_xeYi1IpDKwAAAZJnQW3FGoFUStoA2DUk1ddiljdKIYgEJ9T8tla-xFTZ9EiDMedyyQ
Requested by
Host: www.sans.org
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E82310225A3340E1A05C01BCCA428674 Ref B: LAX311000110017 Ref C: 2024-10-07T13:53:14Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYj41eYdPX+Juhj+WEC1g==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Mon, 07 Oct 2024 13:53:13 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=118983&time=1728309193628&url=https%3A%2F%2Fwww.sans.org%2Fdigital-forensics-incident-response%2Fmedia%2Fposter_2014_find_evil.pdf&cookiesTest=true&liSync=true&e_ipv6=AQI_xeYi1IpDKwAAAZJnQW3FGoFUStoA2DUk1ddiljdKIYgEJ9T8tla-xFTZ9EiDMedyyQ
x-msedge-ref
Ref A: D261F4B0B0D84631800BA32F87EE8444 Ref B: LAXEDGE2012 Ref C: 2024-10-07T13:53:14Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYj41eUakdus70Hasc/Fg==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Mon, 07 Oct 2024 13:53:14 GMT
modules.c455055d4255707cc766.js
script.hotjar.com/
224 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.c455055d4255707cc766.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-609302.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.56.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-56-26.iad61.r.cloudfront.net
Software
/
Resource Hash
00f9c41f792123ed96bd748bccf04480481b0a283a40fb39d714551772a8d9cd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

x-robots-tag
none
content-encoding
br
etag
"00be896dff288cee0f2fab3c81ad1a2f"
age
7806
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
zZr77qvOx6YIW4IrIIfbqPOn9BEHuqLlDAHe2eOSTFHBik2bD5Kekg==
date
Mon, 07 Oct 2024 11:43:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 11:42:58 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 1997ad0bf5574ecfb87c76a899e17a30.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56546
x-amz-cf-pop
IAD61-P5
survey-v2.6d20e358dd11d3a0ca2c.js
script.hotjar.com/
302 KB
69 KB
Script
General
Full URL
https://script.hotjar.com/survey-v2.6d20e358dd11d3a0ca2c.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.c455055d4255707cc766.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.56.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-56-26.iad61.r.cloudfront.net
Software
/
Resource Hash
f7968eee3f03118099ae67d995a927c313c286913f8da65da41ad0d843d6dbf4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

x-robots-tag
none
content-encoding
br
etag
"2a1e73dff8d284257f34d4ac3b07fb67"
age
7806
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
1VNV4190pb7mIOqIIP3XDK4M7482uMcIp-56ds_jYyfBhDMeD8Azuw==
date
Mon, 07 Oct 2024 11:43:08 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 07 Oct 2024 11:42:58 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 1997ad0bf5574ecfb87c76a899e17a30.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
70435
x-amz-cf-pop
IAD61-P5
hit
surveystats.hotjar.io/
0
484 B
XHR
General
Full URL
https://surveystats.hotjar.io/hit?id=1078904&device=desktop
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.c455055d4255707cc766.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-69.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

access-control-max-age
0
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-amz-version-id
null
age
2137922
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
4ns37Y43VhlI2SL_s44x8zk-1_WIMEMPY3vmy_z2rW3FBqZXvAOTDg==
date
Thu, 12 Sep 2024 20:01:13 GMT
content-type
binary/octet-stream
last-modified
Wed, 27 Jan 2021 15:23:17 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public,max-age=0
via
1.1 484143b810d1d7dffb3cb751b952d57a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-amz-cf-pop
JFK52-P6
server
AmazonS3
/
px.ads.linkedin.com/wa/
0
193 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sans.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: F5F9E75CE5C24967B4CCEDF6038A4355 Ref B: LAXEDGE2012 Ref C: 2024-10-07T13:53:14Z
x-li-fabric
prod-ltx1
access-control-allow-credentials
true
x-li-uuid
AAYj41ecre03I3ZH4qOgrg==
x-li-proto
http/2
access-control-allow-origin
https://www.sans.org
x-cache
CONFIG_NOCACHE
date
Mon, 07 Oct 2024 13:53:14 GMT
vary
Origin
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-18EC69JQ0P&gtm=45je4a20v897849904za200zb813203220&_p=1728309191490&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101529665~101671035~101747727&cid=2041574246.1728309193&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1728309193&sct=1&seg=0&dl=https%3A%2F%2Fwww.sans.org%2Fdigital-forensics-incident-response%2Fmedia%2Fposter_2014_find_evil.pdf&dt=404%20-%20Page%20Not%20Found&en=scroll&epn.percent_scrolled=90&_et=44&tfd=4294
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-18EC69JQ0P&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.sans.org
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 13:53:14 GMT
content-type
text/plain
server
Golfe2
cropped-SANS-Blue-Square-32x32.png
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt2f0555dca45e068f/60a7f26ea450c25ac83cf8f6/
935 B
1 KB
Other
General
Full URL
https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt2f0555dca45e068f/60a7f26ea450c25ac83cf8f6/cropped-SANS-Blue-Square-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
bedaa7c98fc593dbe10a8d3825cb9910f8436dfb90450fda921ba2966a2c740e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.sans.org/

Response headers

fastly-io-info
ifsz=1126 idim=32x32 ifmt=png ofsz=935 odim=32x32 ofmt=png
x-request-id
f045eef0aae2cf5cdcc3c4e0819dffc3
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
etag
"0UgNkq5Vh0vzcW4qaVHRvvhAOXYsvromPAg0fKVporo"
x-cache
HIT, HIT
date
Mon, 07 Oct 2024 13:53:14 GMT
content-disposition
inline; filename=cropped-SANS-Blue-Square-32x32.png
x-served-by
cache-sjc10040-SJC, cache-bur-kbur8200046-BUR
x-runtime
80ms
content-type
image/png
x-contentstack-organization
blt848504a4924ca8db
x-cache-hits
25, 0
fastly-stats
io=1
cache-control
max-age=31536000
x-timer
S1728309195.629794,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
935
fastly-io-served-by
vpop-haf2300709
server
contentstack

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| optimizely object| dataLayer object| Evergage string| VE_CUSTOM_EVENT_NAME string| TO_LAUNCHER_MESSAGE_TYPE string| TO_LAUNCHER_PAYLOAD_TYPE object| evgr function| sendMessageToEvergageLauncher number| evergageBeaconParseTimeStart object| SalesforceInteractions number| evergageBeaconParseTimeEnd function| render object| __NUXT__ object| addsearch_custdata object| AddSearchAsync object| webpackJsonp object| __core-js_shared__ object| core object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| _0x715f function| _0xf715 object| numberA string| addsearch_suid object| addsearch_searchsettings object| addsearch_i18n string| addsearch_html string| addsearch_social object| addsearchUtils object| addsearch boolean| addSearchSupportsPassive object| opts object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| GlobalSnowplowNamespace function| snowplow function| onYouTubeIframeAPIReady object| $nuxt object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| OptanonWrapper object| FontAwesomeConfig object| ___FONT_AWESOME___ string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| recaptcha object| closure_lm_697877 object| Optanon object| OneTrust function| hj object| _hjSettings string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk function| vbpx object| gaGlobal boolean| _already_called_lintrk object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| ORIBILI

26 Cookies


1 Console Messages

Source: network
Level: error
URL: https://www.sans.org/digital-forensics-incident-response/media/poster_2014_find_evil.pdf
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header: Value
Content-Security-Policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection: 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
