www.iad.gov Open in urlscan Pro
8.44.96.42 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Submission: On February 04 via manual (February 4th 2021, 4:06:20 am UTC) from US

Summary HTTP 31 Redirects Links 19 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 31 HTTP transactions. The main IP is 8.44.96.42, located in United States and belongs to LEVEL3, US. The main domain is www.iad.gov.
TLS certificate: Issued by DOD SW CA-54 on January 31st 2019. Valid for: 3 years.

This is the only time www.iad.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 33	8.44.96.42 8.44.96.42		3356 (LEVEL3) (LEVEL3)
31	1

33 8.44.96.42 (United States) 2 redirects

ASN3356 (LEVEL3, US)

www.iad.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	iad.gov 2 redirects www.iad.gov	288 KB
31	1

	Domain	Requested by
33	www.iad.gov	2 redirects www.iad.gov
31	1

This site contains links to these domains. Also see Links.

Domain
www.nsa.gov
www.intelligencecareers.gov
www.defense.gov
www.dni.gov
icontherecord.tumblr.com
www.intelligence.gov
www.usa.gov
www.twitter.com
www.facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
www.iad.gov DOD SW CA-54	`2019-01-31` - `2022-01-31`	3 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Frame ID: 54B2424C8D9C3128DD38BB852FB71A10
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring... HTTP 302
https://www.iad.gov/my.policy HTTP 302
https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring... Page URL

Detected technologies

CFML (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.cfm(?:$|\?)/i

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Adobe ColdFusion (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.cfm(?:$|\?)/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Lightbox (JavaScript Libraries) Expand

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

31
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

287 kB
Transfer

585 kB
Size

6
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: http://www.nsa.gov/
Title: NSA.gov

Search URL Search Domain Scan URL

URL: https://www.nsa.gov/about/contact-us/#subject:cyber-requirements
Title: NSA Cybersecurity Requirement Center?

Search URL Search Domain Scan URL

URL: http://www.intelligencecareers.gov/nsa
Title: Apply for a Career Now

Search URL Search Domain Scan URL

URL: https://www.nsa.gov/terms-of-use.shtml##access
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nsa.gov/about/civil-liberties/
Title: Civil Liberties & Privacy

Search URL Search Domain Scan URL

URL: https://www.nsa.gov/about/diversity/no-fear/
Title: No FEAR Act

Search URL Search Domain Scan URL

URL: https://www.nsa.gov/resources/everyone/foia/
Title: Freedom of Information Act

Search URL Search Domain Scan URL

URL: https://www.nsa.gov/about/oig/
Title: Inspector General

Search URL Search Domain Scan URL

URL: https://www.nsa.gov/terms-of-use.shtml##terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.nsa.gov/terms-of-use.shtml##privacy
Title: Web Privacy & Security

Search URL Search Domain Scan URL

URL: http://www.defense.gov/
Title: Defense.gov

Search URL Search Domain Scan URL

URL: https://www.dni.gov/
Title: DNI.gov

Search URL Search Domain Scan URL

URL: http://icontherecord.tumblr.com/
Title: IC on the Record

Search URL Search Domain Scan URL

URL: https://www.intelligence.gov/
Title: Intelligence.gov

Search URL Search Domain Scan URL

URL: https://www.usa.gov/
Title: USA.gov

Search URL Search Domain Scan URL

URL: https://www.nsa.gov/about/cryptologic-heritage/center-cryptologic-history/insignia/#css

Search URL Search Domain Scan URL

URL: http://www.twitter.com/nsagov
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NSAUSGOV/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCXfnaN5jl0RPR1dirFTOZ3A
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm HTTP 302
https://www.iad.gov/my.policy HTTP 302
https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set spotting-the-adversary-with-windows-event-log-monitoring.cfm Show response
www.iad.gov/iad/library/reports/
Redirect Chain

https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
https://www.iad.gov/my.policy
https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm

36 KB
37 KB

1053ms
762ms

Document
text/html

8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

8.44.96.42 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

f9386501c5f83e71b1ee106c54df3658d369d9f8a65b4b726c0cd3d2a5026b26

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Host: www.iad.gov
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: LastMRH_Session=7eb750c5; F5_ST=1z1z1z1612411558z604800; MRHSession=51bde9a93e222baa74cafc167eb750c5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/html;charset=UTF-8
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Server: Microsoft-IIS/8.5
Set-Cookie: CFID=23489508; Path=/; HttpOnly CFTOKEN=74338783; Path=/; HttpOnly JSESSIONID=F05DF73192927D9285CB935E5A218D08.cfusion; Path=/; HttpOnly
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-Powered-By: ASP.NET
Date: Thu, 04 Feb 2021 04:05:59 GMT
Content-Length: 37207

Redirect headers

Server: BigIP
Connection: Close
Set-Cookie: F5_ST=1z1z1z1612411558z604800;path=/;secure LastMRH_Session=7eb750c5;path=/;secure MRHSession=51bde9a93e222baa74cafc167eb750c5;path=/;secure
Content-Length: 0
Location: /iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm

GET
H/1.1 200
OK jquery-1.12.js Show response
www.iad.gov/ADF/thirdParty/jquery/ 95 KB
33 KB 434ms
145ms Script
application/javascript 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iad.gov/ADF/thirdParty/jquery/jquery-1.12.js
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:05:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Dec 2017 21:15:56 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "08e44e6a7bd31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 33835

GET
H/1.1 200
OK browser-all.js Show response
www.iad.gov/commonspot/javascript/ 11 KB
4 KB 445ms
153ms Script
application/javascript 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iad.gov/commonspot/javascript/browser-all.js
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 194f701b95320f2cd99eab5b331b497ddba4a8036454b943bf79ba3f66978373

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:05:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Jan 2019 18:42:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "047b5d94aed41:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 3949

GET
H/1.1 200
OK iad.css
www.iad.gov/iad/style/ 74 B
317 B 384ms
148ms Stylesheet
text/css 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iad.gov/iad/style/iad.css
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5723d0f66ffe2eab7c0dad73342fce944d37d36a064ea647bf00edfe9e611c4f

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:05:59 GMT
Last-Modified: Fri, 09 Oct 2015 20:37:44 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "987d15ad22d11:0"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 74

GET
H/1.1 200
OK style.css
www.iad.gov/iad/style/ 100 KB
22 KB 429ms
147ms Stylesheet
text/css 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iad.gov/iad/style/style.css
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 039aafa965210905731a5051a046983f7b21129cbc9d5bc1a24faa7612aae204

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:05:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Mar 2019 21:14:51 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "8097d39fcfddd41:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 21773

GET
H/1.1 200
OK modernizr.min.js Show response
www.iad.gov/iad/javascript/ 15 KB
6 KB 444ms
153ms Script
application/javascript 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iad.gov/iad/javascript/modernizr.min.js
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c7fecbaa767691ff2dc8f9701021e7c7a9edfc4c02133866d529791ceee4c2d0

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:05:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Dec 2013 22:32:00 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "030acd77fbce1:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 6258

GET
H/1.1 200
OK main.js Show response
www.iad.gov/iad/javascript/ 7 KB
2 KB 650ms
265ms Script
application/javascript 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iad.gov/iad/javascript/main.js
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1c2b499e2dfff0ee1d5fa4faa5f5bf116c278d3a4778ab89517f648bffe67c1a

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:05:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Nov 2015 17:46:39 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80a9b3132922d11:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1719

GET
H/1.1 200
OK commonspot.css
www.iad.gov/commonspot/ 15 KB
4 KB 435ms
149ms Stylesheet
text/css 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iad.gov/commonspot/commonspot.css
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c97e5d18a9cb3decec7d636ec2ba02f48b81071a161402e4177583912560abf4

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:05:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Feb 2019 18:30:38 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0dbde3813bfd41:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 3838

GET
H/1.1 200
OK plus-shadow.png
www.iad.gov/iad/templates/images/ 2 KB
2 KB 152ms
150ms Image
image/png 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iad.gov/iad/templates/images/plus-shadow.png
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 577bb18de3485861b7aabc359f4b8b04e0ecc7d8d52b5d79937639a43011b971

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:06:00 GMT
Last-Modified: Fri, 16 Oct 2015 20:02:03 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "4ecbbe864d8d11:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1540

GET
H/1.1 200
OK minus-shadow.png
www.iad.gov/iad/templates/images/ 1 KB
1 KB 146ms
144ms Image
image/png 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iad.gov/iad/templates/images/minus-shadow.png
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 379f0897cfe86479c5d7fd4cab74e1897324dc595deb54c55c8c81798f5c3d6d

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:06:00 GMT
Last-Modified: Fri, 16 Oct 2015 20:02:29 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "ae7860964d8d11:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1117

GET
H/1.1 200
OK NSA-CSS-logo.png
www.iad.gov/iad/templates/images/ 9 KB
10 KB 378ms
263ms Image
image/png 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iad.gov/iad/templates/images/NSA-CSS-logo.png
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1b77edac90135d53758a28dcca390570a63f30ff4fa0954b63aded2e04f7f2e7

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:06:00 GMT
Last-Modified: Thu, 16 Aug 2018 21:00:26 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "60684f28a435d41:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 9563

GET
H/1.1 200
OK search-icon-64.png
www.iad.gov/iad/templates/images/ 1 KB
1 KB 264ms
148ms Image
image/png 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iad.gov/iad/templates/images/search-icon-64.png
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3a83a4d380dba7b6466d63317e0a6239a140e0568c444d7673a67d2f2ce0f95e

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:06:00 GMT
Last-Modified: Wed, 08 Apr 2015 15:42:39 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80c195a41272d01:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1092

GET
H/1.1 200
OK breadcrumb-home-icon.png
www.iad.gov/iad/templates/images/ 254 B
501 B 144ms
144ms Image
image/png 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iad.gov/iad/templates/images/breadcrumb-home-icon.png
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: fbbe08ac8deae1f5f20ae58e1252a7107187832ee80a6598a07f3511c863c83b

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:06:00 GMT
Last-Modified: Tue, 07 Apr 2015 21:32:41 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80e256607a71d01:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 254

GET
H/1.1 200
OK footerNSASeal.png
www.iad.gov/iad/images/ 18 KB
18 KB 147ms
147ms Image
image/png 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iad.gov/iad/images/footerNSASeal.png
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 006b4da7981ee43dcfe3a94f3f68586672dbab6374d2c94d3dbbd678e7940bf0

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:06:00 GMT
Last-Modified: Wed, 26 Sep 2018 20:24:08 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "c085e0e0d655d41:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 18581

GET
H/1.1 200
OK footerCSSSeal_1.png
www.iad.gov/iad/images/ 17 KB
18 KB 150ms
150ms Image
image/png 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iad.gov/iad/images/footerCSSSeal_1.png
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0f72be2a50695821ec1652ae9755b278478456f825edf51a0096ae6e40fd7ad1

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:06:00 GMT
Last-Modified: Wed, 26 Sep 2018 20:22:11 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "207df79ad655d41:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 17778

GET
H/1.1 200
OK twitterIcon.png
www.iad.gov/iad/images/ 4 KB
4 KB 510ms
509ms Image
image/png 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iad.gov/iad/images/twitterIcon.png
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 41ab0b4898f1e6a76a3e2f36ced34066467ebf93a1b0588de4e1b8da99e21ebf

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:06:00 GMT
Last-Modified: Wed, 26 Sep 2018 21:20:29 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "538c5c0de55d41:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3853

GET
H/1.1 200
OK facebook-Icon.png
www.iad.gov/iad/images/ 21 KB
21 KB 152ms
151ms Image
image/png 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iad.gov/iad/images/facebook-Icon.png
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c59012f78746562b628905cc6a1a6f4c89617f44a2f4443663b5e5c675c17717

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:06:00 GMT
Last-Modified: Tue, 02 Oct 2018 21:59:25 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "f05a412f9b5ad41:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 21189

GET
H/1.1 200
OK youtube.png
www.iad.gov/iad/images/ 16 KB
16 KB 146ms
146ms Image
image/png 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iad.gov/iad/images/youtube.png
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c20d383e1065cfebe4113236dc47e0ebb36be6e28732086e25f587677b52e95b

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:06:00 GMT
Last-Modified: Tue, 02 Oct 2018 21:59:25 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "f05a412f9b5ad41:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 16102

GET
H/1.1 200
OK overrides.js Show response
www.iad.gov/commonspot/javascript/lightbox/ 20 KB
6 KB 482ms
481ms Script
application/javascript 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iad.gov/commonspot/javascript/lightbox/overrides.js
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9b16917840f707473ed1264e3e7d93e6cfd765f9e3bb3fb1aeb3952e511eb88c

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:05:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Dec 2017 00:02:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0f15be16e74d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5952

GET
H/1.1 200
OK window_ref.js Show response
www.iad.gov/commonspot/javascript/lightbox/ 13 KB
4 KB 149ms
148ms Script
application/javascript 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iad.gov/commonspot/javascript/lightbox/window_ref.js
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a2e628ca75626f434df6a6a54e24533b3df91ed02fb7d38f6616160c98186356

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:06:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 Jan 2019 18:28:48 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0f069ce92b9d41:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 3714

GET
H/1.1 200
OK always-include-common.js Show response
www.iad.gov/commonspot/pagemode/ 2 KB
2 KB 152ms
150ms Script
application/javascript 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iad.gov/commonspot/pagemode/always-include-common.js
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7080c502f4002c69e9ecd261b1103eb8879f6276b007529c69d677b929009d08

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:06:00 GMT
Last-Modified: Thu, 07 Feb 2019 18:31:12 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0d8224d13bfd41:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1832

GET
H/1.1 200
OK always-include-ns.js Show response
www.iad.gov/commonspot/pagemode/ 4 KB
1 KB 150ms
148ms Script
application/javascript 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iad.gov/commonspot/pagemode/always-include-ns.js
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c87f378b73c687c513d6938528d95859e586401571fc6c2795f20566af022c5d

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:06:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Feb 2019 18:31:12 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0d8224d13bfd41:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1200

GET
H/1.1 200
OK pods-equal-heights.js Show response
www.iad.gov/iad/javascript/ 2 KB
2 KB 511ms
367ms Script
application/javascript 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iad.gov/iad/javascript/pods-equal-heights.js
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3a24b1c080c585b61dff4604d7479593a71a2e4ffe6147214d46717eca761a74

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:06:00 GMT
Last-Modified: Wed, 23 Mar 2016 20:52:06 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "422217dc4585d11:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1639

GET
H/1.1 200
OK column-config-call.js Show response
www.iad.gov/iad/javascript/ 566 B
825 B 295ms
147ms Script
application/javascript 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iad.gov/iad/javascript/column-config-call.js
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 57de2d482a89ea8802b2b525be5b246da1aceff9ec7582373185606136699173

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:06:00 GMT
Last-Modified: Tue, 05 May 2015 20:07:26 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0d3201b6f87d01:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 566

GET
H/1.1 200
OK DroidSans-webfont.woff
www.iad.gov/iad/templates/fonts/droidsans_regular_macroman/ 24 KB
25 KB 260ms
148ms Font
font/x-woff 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iad.gov/iad/templates/fonts/droidsans_regular_macroman/DroidSans-webfont.woff
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/style/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f28615d9f8fa15ebdea2fde2cb75d309a54f6addf2dc3a86318e727e905ad8f9

Request headers

Origin: https://www.iad.gov
Referer: https://www.iad.gov/iad/style/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:06:00 GMT
Last-Modified: Fri, 04 Apr 2014 22:15:00 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "08aaf515350cf1:0"
Content-Type: font/x-woff
Accept-Ranges: bytes
Content-Length: 25064

GET
H/1.1 200
OK navbar-flat-textbacker.png
www.iad.gov/iad/templates/images/ 156 B
402 B 145ms
145ms Image
image/png 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iad.gov/iad/templates/images/navbar-flat-textbacker.png
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/style/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f6ea83312db5e013a09889534bb6ff27d0263352771079214eac74b34255f73d

Request headers

Referer: https://www.iad.gov/iad/style/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:06:00 GMT
Last-Modified: Thu, 13 Mar 2014 20:00:00 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0209fd0f63ecf1:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 156

GET
H/1.1 200
OK icon-sprite.png
www.iad.gov/iad/templates/images/ 5 KB
5 KB 192ms
144ms Image
image/png 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iad.gov/iad/templates/images/icon-sprite.png
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/iad/style/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 36cad038ed5308c3acf8831d2b4ad83d69ade814568705ad3cad5428a76e8eda

Request headers

Referer: https://www.iad.gov/iad/style/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:06:00 GMT
Last-Modified: Tue, 07 Apr 2015 22:24:28 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "076419c8171d01:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4950

GET
H/1.1 200
OK buttons.css
www.iad.gov/commonspot/dashboard/css/ 7 KB
2 KB 181ms
149ms Stylesheet
text/css 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iad.gov/commonspot/dashboard/css/buttons.css
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/commonspot/javascript/browser-all.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8b53a72498bd4563b3c906d7c37a86710a725d0e6eddac7b7d2eb84394cb11a4

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:06:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Aug 2017 17:53:26 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "06fd7b98117d31:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1756

GET
H/1.1 200
OK lightbox.css
www.iad.gov/commonspot/javascript/lightbox/ 4 KB
1 KB 300ms
264ms Stylesheet
text/css 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iad.gov/commonspot/javascript/lightbox/lightbox.css
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/commonspot/javascript/browser-all.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 59dafb05f1f77c1460137ed81267582973b51fb95125f297d3625ecd6b04ecaf

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:06:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Aug 2017 17:54:28 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0e2cbde8117d31:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1044

GET
H/1.1 200
OK util.js Show response
www.iad.gov/commonspot/javascript/ 69 KB
20 KB 261ms
260ms Script
application/javascript 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iad.gov/commonspot/javascript/util.js
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/commonspot/javascript/browser-all.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ad2edf043afd2c646b2ca4b9a7ad1eb99d826e9d71d61f4ec43ebb3d67d73086

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:06:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Jul 2019 13:42:10 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0a5e5c1ee42d51:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 20249

GET
H/1.1 200
OK lightbox.js Show response
www.iad.gov/commonspot/javascript/lightbox/ 66 KB
17 KB 151ms
149ms Script
application/javascript 8.44.96.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.iad.gov/commonspot/javascript/lightbox/lightbox.js
Requested by: Host: www.iad.gov
URL: https://www.iad.gov/commonspot/javascript/browser-all.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.44.96.42 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6c283022802b71705ab4b954810487342f1746ee402878d43b119064d798582e

Request headers

Referer: https://www.iad.gov/iad/library/reports/spotting-the-adversary-with-windows-event-log-monitoring.cfm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 04:06:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Oct 2017 00:01:26 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0cfc91ed4dd31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 17271

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| jsDlgLoader string| jsSiteResourceLoader object| jsSiteResourceSettings function| $ function| jQuery function| renderResourceTag function| loadNonDashboardFiles function| loadDashboardFiles function| setUpComplete function| newCenteredWindow function| submitFormToNewWindow function| AskClearCache function| setSelectedAudience function| doDisplayOptionsMenu function| doRolesMenu function| doPageManagementMenu function| toggleState function| toggleDesc function| stopEvent function| canRollover number| bVer number| bCanRollover function| ImageSet function| gotoDiffLang boolean| doRefresh function| refreshParent function| getFrameWindow function| setEditorModeToWYSIWYG function| glblLinkHandler function| stringTrim function| substringReplace function| cs_decodeURI function| cs_encodeURI function| unescapeHTML function| setCommonspot function| checkPopupBlocked function| hasPopupBlocker function| last function| each number| gMenuControlID number| menus_included number| jsSiteID number| jsSubSiteID number| js_gvPageID number| jsPageID number| jsPageSetID number| jsPageType number| jsSiteSecurityCreateControls number| jsShowRejectForApprover object| html5 object| Modernizr function| yepnope function| formFocus function| toggleNavDrawer function| toggleMenu function| toggleSearchFilters function| checkWidth function| get_browser_info object| browser string| userMessages_text number| oldWidth number| pxToEm function| equalheight object| jQuery1124021621762683467738 boolean| hasRTE function| checkDlg function| CloseWindow function| cs_OpenURLinOpener function| doCPOpenInOpener function| DoFocus function| handleLoad function| csExtendedWindow function| newWindow function| OpenURLandClose function| OpenURLInOpener function| RefreshAndCloseWindow function| ResetParentWindow function| ReloadAndFocus function| RefreshParentWindow function| ResizeWindow function| ResizeWindow_Meat function| fixMinHeightAndWidth function| fixFooterWidth function| setthefocus function| checkDashboardSetup function| doDashboardSetup function| convertHrefToOnclick function| onLightboxLoad function| proxyPushButtons function| cleanRadioAndCheckBoxes function| checkRTELoadingState function| proxySpellChecker function| createProxyButton function| arrayIndexOf function| onLightboxResize undefined| cleanHTMLWnd undefined| spellcheckerWnd function| getOpener function| getOpenerWithIFrame function| getWindowWithFrame function| getRTEopener function| getRTEObject function| hasLightbox function| getCleanHTMLTarget function| getSpellCheckTarget function| closeEmptyChildDialogs function| closeCleanHTMLWindows function| getCSModuleField function| closeSpellCheckWindows function| openEmptyLightBox function| getAdminWindow function| clear_sched_element function| show_sched_element function| setStatbar function| HandleLink function| onLoadComplete function| doWindowOpen function| FormatWindowParams number| loopcnt function| doReload string| jsPageContributeMode string| jsPageSessionContributeMode number| jsPageAuthorMode number| jsPageEditMode object| commonspot undefined| arrFiles object| cs_resourcesLoaded number| _startX number| _startY number| _offsetX number| _offsetY undefined| _dragElement number| _oldZIndex object| _debug object| commonspotData function| activateFields function| InitDragDrop object| EventCache function| flashMsg function| OnMouseDown function| OnMouseUp function| OnMouseMove function| ExtractNumber function| getDraggableTarget function| BrowserCheck function| removeDuplicateParams object| r boolean| mac number| topPostion number| currentDiv

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.iad.gov/	1969-12-31 23:59:59	Name: CFID Value: 23489508
			www.iad.gov/	1969-12-31 23:59:59	Name: CFTOKEN Value: 74338783
			www.iad.gov/	1969-12-31 23:59:59	Name: JSESSIONID Value: F05DF73192927D9285CB935E5A218D08.cfusion
			www.iad.gov/	1969-12-31 23:59:59	Name: MRHSession Value: 51bde9a93e222baa74cafc167eb750c5
			www.iad.gov/	1969-12-31 23:59:59	Name: F5_ST Value: 1z1z1z1612411558z604800
			www.iad.gov/	1969-12-31 23:59:59	Name: LastMRH_Session Value: 7eb750c5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.iad.gov
8.44.96.42
006b4da7981ee43dcfe3a94f3f68586672dbab6374d2c94d3dbbd678e7940bf0
039aafa965210905731a5051a046983f7b21129cbc9d5bc1a24faa7612aae204
0f72be2a50695821ec1652ae9755b278478456f825edf51a0096ae6e40fd7ad1
194f701b95320f2cd99eab5b331b497ddba4a8036454b943bf79ba3f66978373
1b77edac90135d53758a28dcca390570a63f30ff4fa0954b63aded2e04f7f2e7
1c2b499e2dfff0ee1d5fa4faa5f5bf116c278d3a4778ab89517f648bffe67c1a
36cad038ed5308c3acf8831d2b4ad83d69ade814568705ad3cad5428a76e8eda
379f0897cfe86479c5d7fd4cab74e1897324dc595deb54c55c8c81798f5c3d6d
3a24b1c080c585b61dff4604d7479593a71a2e4ffe6147214d46717eca761a74
3a83a4d380dba7b6466d63317e0a6239a140e0568c444d7673a67d2f2ce0f95e
41ab0b4898f1e6a76a3e2f36ced34066467ebf93a1b0588de4e1b8da99e21ebf
5723d0f66ffe2eab7c0dad73342fce944d37d36a064ea647bf00edfe9e611c4f
577bb18de3485861b7aabc359f4b8b04e0ecc7d8d52b5d79937639a43011b971
57de2d482a89ea8802b2b525be5b246da1aceff9ec7582373185606136699173
59dafb05f1f77c1460137ed81267582973b51fb95125f297d3625ecd6b04ecaf
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6c283022802b71705ab4b954810487342f1746ee402878d43b119064d798582e
7080c502f4002c69e9ecd261b1103eb8879f6276b007529c69d677b929009d08
8b53a72498bd4563b3c906d7c37a86710a725d0e6eddac7b7d2eb84394cb11a4
9b16917840f707473ed1264e3e7d93e6cfd765f9e3bb3fb1aeb3952e511eb88c
a2e628ca75626f434df6a6a54e24533b3df91ed02fb7d38f6616160c98186356
ad2edf043afd2c646b2ca4b9a7ad1eb99d826e9d71d61f4ec43ebb3d67d73086
c20d383e1065cfebe4113236dc47e0ebb36be6e28732086e25f587677b52e95b
c59012f78746562b628905cc6a1a6f4c89617f44a2f4443663b5e5c675c17717
c7fecbaa767691ff2dc8f9701021e7c7a9edfc4c02133866d529791ceee4c2d0
c87f378b73c687c513d6938528d95859e586401571fc6c2795f20566af022c5d
c97e5d18a9cb3decec7d636ec2ba02f48b81071a161402e4177583912560abf4
f28615d9f8fa15ebdea2fde2cb75d309a54f6addf2dc3a86318e727e905ad8f9
f6ea83312db5e013a09889534bb6ff27d0263352771079214eac74b34255f73d
f9386501c5f83e71b1ee106c54df3658d369d9f8a65b4b726c0cd3d2a5026b26
fbbe08ac8deae1f5f20ae58e1252a7107187832ee80a6598a07f3511c863c83b