Submitted URL: https://t.co/kheo8B7z7h
Effective URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5...
Submission: On May 23 via manual from US

Summary

This website contacted 3 IPs in 1 country across 4 domains to perform 30 HTTP transactions. The main IP is 204.51.94.153, located in Bethesda, United States and belongs to SANS-INSTITUTE - SANS INSTITUTE, US. The main domain is isc.sans.edu.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 30th 2019. Valid for: 3 months.
This is the only time isc.sans.edu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.5 13414 (TWITTER)
1 1 52.71.68.107 14618 (AMAZON-AES)
1 29 204.51.94.153 62669 (SANS-INST...)
1 45.60.33.34 19551 (INCAPSULA)
30 3
Apex Domain Subdomains Transfer
29 sans.edu isc.sans.edu 325 KB
1 sans.org www.sans.org
1 nzzl.us nzzl.us 186 B
1 t.co t.co 388 B
30 4
Domain Requested by
29 isc.sans.edu 1 redirects t.co
isc.sans.edu
1 www.sans.org isc.sans.edu
1 nzzl.us 1 redirects
1 t.co
30 4
Subject         Issuer                                   Validity                   Valid
t.co            DigiCert SHA2 High Assurance Server CA   2019-03-07 - 2020-03-07    a year
isc.sans.edu    Let's Encrypt Authority X3               2019-04-30 - 2019-07-29    3 months
incapsula.com   GlobalSign CloudSSL CA - SHA256 - G3     2019-05-23 - 2020-04-29    a year

This page contains 2 frames:

Primary Page: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Frame ID: 6DE55713A832B9771D42164440643EA7
Requests: 29 HTTP requests in this frame

Frame: https://www.sans.org/banners/isc_ss.php
Frame ID: 752BA3107A35A1CDCAA6E6FE130EEF66
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

30 Requests
100 % HTTPS
0 % IPv6
4 Domains
4 Subdomains
3 IPs
1 Countries
324 kB Transfer
516 kB Size
6 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/kheo8B7z7h Page URL
  2. https://nzzl.us/RCCUYPt HTTP 301
    https://isc.sans.edu/diary.html?storyid=24960 HTTP 301
    https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource Path Size x-fer Type MIME-Type
kheo8B7z7h
t.co/
224 B
388 B
Document
General
Full URL
https://t.co/kheo8B7z7h
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
57e5a26e1e976894af95f8fd4355bbd3794703b2f8b26a62f9add020e8d6f93d
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/kheo8B7z7h
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br

Response headers

status
200
cache-control
private,max-age=300
content-encoding
gzip
content-length
175
content-type
text/html; charset=utf-8
date
Thu, 23 May 2019 05:44:01 GMT
expires
Thu, 23 May 2019 05:49:01 GMT
server
tsa_f
set-cookie
muc=63e81bbd-26a8-4efa-8682-cae63679b6a7; Max-Age=63072000; Expires=Sat, 22 May 2021 05:44:01 GMT; Domain=t.co
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
c62c2ae59cfe208e557352ebe5ad0fcd
x-response-time
115
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
Primary Request Cookie set 24960
isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/
Redirect Chain
  • https://nzzl.us/RCCUYPt
  • https://isc.sans.edu/diary.html?storyid=24960
  • https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
22 KB
9 KB
Document
General
Full URL
https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Requested by
Host: t.co
URL: https://t.co/kheo8B7z7h
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
5e688f7525a69b7dbdb58cfe135896eac0c832433c4781c7e9ec0055b65cde3a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
isc.sans.edu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Cookie
dshield=vnptqvpaff256ci6a9erd2mq24; guestkey=4af4fe2405b16cd2b2d562ecaa7e7a4d

Response headers

Date
Thu, 23 May 2019 05:44:02 GMT
Server
nc
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
X-HeyJason
DEV522 rocks
Permitted-Cross-Domain-Policies
none
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
X-Do-Not-Hack
18 U.S.C. Parag 1030
X-Frame-Options
SAMEORIGIN SAMEORIGIN
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
Referrer-Policy
same-origin
Randomness
247a012c22f05a4
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
Pragma
no-cache
Set-Cookie
userid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=isc.sans.edu; secure; httponly guestkey=4af4fe2405b16cd2b2d562ecaa7e7a4d; expires=Sat, 22-Jun-2019 05:44:02 GMT; Max-Age=2592000; path=/; domain=isc.sans.edu; secure; httponly
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html;
P3P
CP="NON DSP COR CURa ADMa DEVa HISa OUR SAMa DELa UNRa BUS"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
7390
Keep-Alive
timeout=30, max=299
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Thu, 23 May 2019 05:44:02 GMT
Server
nc
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
X-HeyJason
DEV522 rocks
Permitted-Cross-Domain-Policies
none
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
X-Do-Not-Hack
18 U.S.C. Parag 1030
X-Frame-Options
SAMEORIGIN SAMEORIGIN
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
Referrer-Policy
same-origin
Randomness
fa8bf4a2606afa5
Set-Cookie
dshield=vnptqvpaff256ci6a9erd2mq24; path=/; domain=isc.sans.edu; secure; HttpOnly userid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=isc.sans.edu; secure; httponly guestkey=4af4fe2405b16cd2b2d562ecaa7e7a4d; expires=Sat, 22-Jun-2019 05:44:02 GMT; Max-Age=2592000; path=/; domain=isc.sans.edu; secure; httponly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
Pragma
no-cache
Location
/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Content-Length
0
Keep-Alive
timeout=30, max=300
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
screen.css
isc.sans.edu/css/
42 KB
10 KB
Stylesheet
General
Full URL
https://isc.sans.edu/css/screen.css
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
e9cf6eb141c8e39bcb1f9da85535414590d7eac99e64ca549be9271aec42ce62
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
8988
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 22 May 2019 21:16:38 GMT
Server
nc
X-Frame-Options
SAMEORIGIN
ETag
"a8d8-589807b2caa68-gzip"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
Content-Type
text/css
X-Do-Not-Hack
18 U.S.C. Parag 1030
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=298
Expires
Thu, 23 May 2019 06:44:03 GMT
msft.css
isc.sans.edu/css/
459 B
985 B
Stylesheet
General
Full URL
https://isc.sans.edu/css/msft.css
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
0a99dfbbb63b896698bfc24e65d563e3941fca0f3508b78c4b8108cee3fdc5fb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
219
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Thu, 15 Mar 2018 00:52:23 GMT
Server
nc
X-Frame-Options
SAMEORIGIN
ETag
"1cb-56768e7a18f69-gzip"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
Content-Type
text/css
X-Do-Not-Hack
18 U.S.C. Parag 1030
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=297
Expires
Thu, 23 May 2019 06:44:03 GMT
fontawesome.css
isc.sans.edu/css/
92 KB
20 KB
Stylesheet
General
Full URL
https://isc.sans.edu/css/fontawesome.css
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
a078ca983c92c525fe69bba051f7c1d0937c47c2f701868b6eecd13a5efc4263
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
20170
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 30 Jan 2019 14:47:28 GMT
Server
nc
X-Frame-Options
SAMEORIGIN
ETag
"16ef4-580adfd223154-gzip"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
Content-Type
text/css
X-Do-Not-Hack
18 U.S.C. Parag 1030
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=296
Expires
Thu, 23 May 2019 06:44:03 GMT
jquery.js
isc.sans.edu/3p/jQuery/
85 KB
30 KB
Script
General
Full URL
https://isc.sans.edu/3p/jQuery/jquery.js
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
30080
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Thu, 12 Jan 2017 22:00:06 GMT
Server
nc
X-Frame-Options
SAMEORIGIN
ETag
"152b5-545ecd719806f-gzip"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
Content-Type
application/javascript
X-Do-Not-Hack
18 U.S.C. Parag 1030
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=300
jquery-eu-cookie-law-popup.js
isc.sans.edu/3p/jquery-eu-cookie-law-popup/js/
9 KB
3 KB
Script
General
Full URL
https://isc.sans.edu/3p/jquery-eu-cookie-law-popup/js/jquery-eu-cookie-law-popup.js
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
1ce9658a49572947585870082bee912204226c9e586fa140117e85332f697494
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
2461
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 31 May 2017 11:02:42 GMT
Server
nc
X-Frame-Options
SAMEORIGIN
ETag
"2312-550cfdbf9053b-gzip"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
Content-Type
application/javascript
X-Do-Not-Hack
18 U.S.C. Parag 1030
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=300
jquery-eu-cookie-law-popup.css
isc.sans.edu/3p/jquery-eu-cookie-law-popup/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://isc.sans.edu/3p/jquery-eu-cookie-law-popup/css/jquery-eu-cookie-law-popup.css
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
2581ed2d4bc43877fbd2f16ea5da6db6a3e798f40f79facf61d93d9ced68fb19
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
614
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 31 May 2017 11:02:41 GMT
Server
nc
X-Frame-Options
SAMEORIGIN
ETag
"79f-550cfdbededc1-gzip"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
Content-Type
text/css
X-Do-Not-Hack
18 U.S.C. Parag 1030
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=300
bootstrap-modal.min.css
isc.sans.edu/css/bootstrap-modal/
5 KB
2 KB
Stylesheet
General
Full URL
https://isc.sans.edu/css/bootstrap-modal/bootstrap-modal.min.css
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
f8e97c36779891ad251153beefb65310c9610d128bd05cb464865a248607ee1c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
1535
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Sun, 10 Jun 2018 02:14:24 GMT
Server
nc
X-Frame-Options
SAMEORIGIN
ETag
"1329-56e403122a8cf-gzip"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
Content-Type
text/css
X-Do-Not-Hack
18 U.S.C. Parag 1030
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=300
Expires
Thu, 23 May 2019 06:44:03 GMT
bootstrap.min.js
isc.sans.edu/js/bootstrap-modal/
6 KB
3 KB
Script
General
Full URL
https://isc.sans.edu/js/bootstrap-modal/bootstrap.min.js
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
80bab0fce06cce9b0d11d8d7c5762706523db4da59642f4722b0811a09da41b8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
2209
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 30 Jan 2019 14:47:28 GMT
Server
nc
X-Frame-Options
SAMEORIGIN
ETag
"19c9-580adfd2277a2-gzip"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
Content-Type
application/javascript; charset=utf-8
X-Do-Not-Hack
18 U.S.C. Parag 1030
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=299
Expires
Thu, 23 May 2019 06:44:03 GMT
default.css
isc.sans.edu/3p/ckeditor4_11/plugins/codesnippet/lib/highlight/styles/
3 KB
2 KB
Stylesheet
General
Full URL
https://isc.sans.edu/3p/ckeditor4_11/plugins/codesnippet/lib/highlight/styles/default.css
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
95c0f2b05e6b146b94e9fda88f892725138ca515f379627be7c30d47b9f00fe7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
927
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 21 Jan 2019 08:53:48 GMT
Server
nc
X-Frame-Options
SAMEORIGIN
ETag
"af4-57ff3ffbe5f00-gzip"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
Content-Type
text/css
X-Do-Not-Hack
18 U.S.C. Parag 1030
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=300
highlight.pack.js
isc.sans.edu/3p/ckeditor4_11/plugins/codesnippet/lib/highlight/
29 KB
13 KB
Script
General
Full URL
https://isc.sans.edu/3p/ckeditor4_11/plugins/codesnippet/lib/highlight/highlight.pack.js
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
c9a8d3684a43c3c40685f5327817aaa737ffc5c47f1c6c59393c5f2b4a08228a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
12292
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 21 Jan 2019 08:53:48 GMT
Server
nc
X-Frame-Options
SAMEORIGIN
ETag
"75e3-57ff3ffbe5f00-gzip"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
Content-Type
application/javascript
X-Do-Not-Hack
18 U.S.C. Parag 1030
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=299
Screen%20Shot%202019-05-22%20at%204_20_32%20PM.png
isc.sans.edu/diaryimages/images/
86 KB
86 KB
Image
General
Full URL
https://isc.sans.edu/diaryimages/images/Screen%20Shot%202019-05-22%20at%204_20_32%20PM.png
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
e3ede211c7eae49a13589a63f039ca5ff480dc6f0985ddf85bdbd92556603ec6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
87733
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 22 May 2019 20:21:53 GMT
Server
nc
ETag
"156b5-5897fb751da4d"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-Do-Not-Hack
18 U.S.C. Parag 1030
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=299
dev522horizontalbanner.png
isc.sans.edu/images/
75 KB
76 KB
Image
General
Full URL
https://isc.sans.edu/images/dev522horizontalbanner.png
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
7b9d96eab12114cb3cc9f5a93897ec3dc567538e9cada3ffd3647573a5e872fd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
76927
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Mon, 27 Mar 2017 23:03:56 GMT
Server
nc
ETag
"12c7f-54bbe5ba03da6"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-Do-Not-Hack
18 U.S.C. Parag 1030
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=299
Expires
Thu, 23 May 2019 06:44:03 GMT
slack200.png
isc.sans.edu/images/
8 KB
9 KB
Image
General
Full URL
https://isc.sans.edu/images/slack200.png
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
e29cd466bec682e43e6a7daabc7ae9b1d3c5c39b38a074506ea378a4520178a3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
8041
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Thu, 21 Feb 2019 16:07:24 GMT
Server
nc
ETag
"1f69-58269ab8afa61"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-Do-Not-Hack
18 U.S.C. Parag 1030
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=299
Expires
Thu, 23 May 2019 06:44:03 GMT
cc.png
isc.sans.edu/images/
461 B
1 KB
Image
General
Full URL
https://isc.sans.edu/images/cc.png
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
e822f0984efb293dbe344fe6134c9a295a10a3fa2ecbc1695594180bdd719e9f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
461
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 04 Jan 2017 18:47:57 GMT
Server
nc
ETag
"1cd-54549392ba372"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-Do-Not-Hack
18 U.S.C. Parag 1030
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=295
Expires
Thu, 23 May 2019 06:44:03 GMT
main.js
isc.sans.edu/js/
3 KB
2 KB
Script
General
Full URL
https://isc.sans.edu/js/main.js
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
c1899f311a78162fb68fac938bb683ed222024a6e426f2a12d059e53dfb07578
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
1209
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 22 May 2019 21:16:38 GMT
Server
nc
X-Frame-Options
SAMEORIGIN
ETag
"d10-589807b2cb238-gzip"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
Content-Type
application/javascript; charset=utf-8
X-Do-Not-Hack
18 U.S.C. Parag 1030
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=298
Expires
Thu, 23 May 2019 06:44:03 GMT
logo.png
isc.sans.edu/img/
3 KB
3 KB
Image
General
Full URL
https://isc.sans.edu/img/logo.png
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
eb46583a69595bc99bc9da4bfbbf4c52b876445dc717200262f35530dd4a309f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/css/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
2726
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 04 Jan 2017 18:47:57 GMT
Server
nc
ETag
"aa6-54549392d06de"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-Do-Not-Hack
18 U.S.C. Parag 1030
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=298
Expires
Thu, 23 May 2019 06:44:03 GMT
site-switcher.png
isc.sans.edu/img/site-switcher/
416 B
1 KB
Image
General
Full URL
https://isc.sans.edu/img/site-switcher/site-switcher.png
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
a74250eb70aca3d0d34e2814a080589eb30010ebda722507aeb38c2d891937b1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/css/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
416
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 04 Jan 2017 18:47:57 GMT
Server
nc
ETag
"1a0-54549392d06de"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-Do-Not-Hack
18 U.S.C. Parag 1030
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=297
Expires
Thu, 23 May 2019 06:44:03 GMT
sites.png
isc.sans.edu/img/site-switcher/
9 KB
9 KB
Image
General
Full URL
https://isc.sans.edu/img/site-switcher/sites.png
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
eca52818f63e4f02ad20e0fda9b37818060b7fd523e59a1210b0076264956db9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/css/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
8777
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 04 Jan 2017 18:47:57 GMT
Server
nc
ETag
"2249-54549392d06de"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-Do-Not-Hack
18 U.S.C. Parag 1030
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=294
Expires
Thu, 23 May 2019 06:44:03 GMT
information.png
isc.sans.edu/img/site-switcher/
536 B
1 KB
Image
General
Full URL
https://isc.sans.edu/img/site-switcher/information.png
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
2adecdd5af1f1877b840ec2a66eaff670541402bf063bdb8014587b3d3046bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/css/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
536
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 04 Jan 2017 18:47:57 GMT
Server
nc
ETag
"218-54549392d06de"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-Do-Not-Hack
18 U.S.C. Parag 1030
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=297
Expires
Thu, 23 May 2019 06:44:03 GMT
isc_ss.php
www.sans.org/banners/ Frame 752B
0
0
Document
General
Full URL
https://www.sans.org/banners/isc_ss.php
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.34 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options *
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.sans.org
:scheme
https
:path
/banners/isc_ss.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Thu, 23 May 2019 05:44:04 GMT
server
Apache
strict-transport-security
max-age=31556926; includeSubdomains
set-cookie
SANS_INST=gvrk9kclm9mooau9k2qsks92o4; path=/; secure; HttpOnly SANS_INST=gvrk9kclm9mooau9k2qsks92o4; expires=Thu, 23-May-2019 06:44:04 GMT; Max-Age=3600; path=/; secure; httponly visid_incap_1329355=KhtyQhu/R+u8qrWfNF2NQiIz5lwAAAAAQUIPAAAAAACeXmzg/fLw73u2OO98SPq8; expires=Thu, 21 May 2020 12:40:03 GMT; path=/; Domain=.sans.org nlbi_1329355=UTvyBGry42DTE5QMu3YNYQAAAADznSU9VGB04mipWOr9aYw6; path=/; Domain=.sans.org incap_ses_408_1329355=wJA/Rn3gD1i9uv9id4OpBSMz5lwAAAAA5CHDzQ0qnHD+z9LqR+tZUw==; path=/; Domain=.sans.org
expires
-1
cache-control
no-store
pragma
no-cache
vary
Accept-Encoding
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
*
x-xss-protection
1; mode=block
content-type
text/html; charset=ISO-8859-1
x-iinfo
10-40059884-40059885 NNNN CT(92 193 0) RT(1558590242763 0) q(0 0 3 0) r(5 5) U12
x-cdn
Incapsula
fullscreen.png
isc.sans.edu/images/
346 B
1 KB
Image
General
Full URL
https://isc.sans.edu/images/fullscreen.png
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
29811fa2a73145ed0a7b5ce19f4f2fa5955e42fb4e7b252826174633ca264fe2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/css/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
346
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 04 Jan 2017 18:47:57 GMT
Server
nc
ETag
"15a-54549392c283d"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-Do-Not-Hack
18 U.S.C. Parag 1030
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=296
Expires
Thu, 23 May 2019 06:44:03 GMT
facebook.ico
isc.sans.edu/images/icons/
1 KB
2 KB
Image
General
Full URL
https://isc.sans.edu/images/icons/facebook.ico
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
5678ee6a1f605d6ada6230003a8d9c182869e1f40d02d414b368cc820c9a97b8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/css/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
1150
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 04 Jan 2017 18:47:57 GMT
Server
nc
ETag
"47e-54549392c37dd"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
X-Frame-Options
SAMEORIGIN
Content-Type
image/vnd.microsoft.icon
X-Do-Not-Hack
18 U.S.C. Parag 1030
Cache-Control
max-age=900, public
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=298
Expires
Thu, 23 May 2019 05:59:03 GMT
twitter.ico
isc.sans.edu/images/icons/
6 KB
7 KB
Image
General
Full URL
https://isc.sans.edu/images/icons/twitter.ico
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
15e2a6aec006e029bcccaf870ab8606a4c03a7ff3df90239ff5cd889ca585a39
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/css/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
6518
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 04 Jan 2017 18:47:57 GMT
Server
nc
ETag
"1976-54549392c3bc5"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
X-Frame-Options
SAMEORIGIN
Content-Type
image/vnd.microsoft.icon
X-Do-Not-Hack
18 U.S.C. Parag 1030
Cache-Control
max-age=900, public
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=293
Expires
Thu, 23 May 2019 05:59:03 GMT
gplus.ico
isc.sans.edu/images/icons/
22 KB
23 KB
Image
General
Full URL
https://isc.sans.edu/images/icons/gplus.ico
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
74f94ac31fdf2dff28740d92d6ff817e93925969b3aae5046a4b8e03dc9e1c2e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/css/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
22382
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 04 Jan 2017 18:47:57 GMT
Server
nc
ETag
"576e-54549392c3bc5"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
X-Frame-Options
SAMEORIGIN
Content-Type
image/vnd.microsoft.icon
X-Do-Not-Hack
18 U.S.C. Parag 1030
Cache-Control
max-age=900, public
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=298
Expires
Thu, 23 May 2019 05:59:03 GMT
ico-comments.gif
isc.sans.edu/images/design/standard/
399 B
1 KB
Image
General
Full URL
https://isc.sans.edu/images/design/standard/ico-comments.gif
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
4568cdf4cba3c6d94ee1a50230a77f99878c508c81b46005062346fb95a7e91d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/css/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
399
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 04 Jan 2017 18:47:57 GMT
Server
nc
ETag
"18f-54549392bda20"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
X-Do-Not-Hack
18 U.S.C. Parag 1030
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=298
Expires
Thu, 23 May 2019 06:44:03 GMT
arrow-skip-090.png
isc.sans.edu/images/icons/fugue3.0/
628 B
1 KB
Image
General
Full URL
https://isc.sans.edu/images/icons/fugue3.0/arrow-skip-090.png
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
af919debd4dad42cd3248b9566a31303027f21f15489d63296b2fab65c4fabfc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/css/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
628
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 04 Jan 2017 18:47:57 GMT
Server
nc
ETag
"274-54549392c37dd"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-Do-Not-Hack
18 U.S.C. Parag 1030
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=296
Expires
Thu, 23 May 2019 06:44:03 GMT
folder.png
isc.sans.edu/images/
537 B
1 KB
Image
General
Full URL
https://isc.sans.edu/images/folder.png
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
d049b83cadc5ae55a1639837a7653db1def729761f1913ee5dc4e4eb47fbd2a6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/css/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
537
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 04 Jan 2017 18:47:57 GMT
Server
nc
ETag
"219-54549392c2456"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-Do-Not-Hack
18 U.S.C. Parag 1030
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=297
Expires
Thu, 23 May 2019 06:44:03 GMT
socialIconsFoot.png
isc.sans.edu/img/
5 KB
5 KB
Image
General
Full URL
https://isc.sans.edu/img/socialIconsFoot.png
Requested by
Host: isc.sans.edu
URL: https://isc.sans.edu/diary/An+Update+on+the+Microsoft+Windows+RDP+%22Bluekeep%22+Vulnerability+%28CVE-2019-0708%29+%5Bnow+with+pcaps%5D/24960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.51.94.153 Bethesda, United States, ASN62669 (SANS-INSTITUTE - SANS INSTITUTE, US),
Reverse DNS
Software
nc /
Resource Hash
a7db65824c9d9e722de20f9830bf5290d6d08570c1469cac323641d7b0dcee0a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://isc.sans.edu/css/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 23 May 2019 05:44:03 GMT
Strict-Transport-Security
max-age=31556926; includeSubdomains; preload
X-Content-Type-Options
nosniff
Permitted-Cross-Domain-Policies
none
X-HeyJason
DEV522 rocks
Connection
Keep-Alive
Content-Length
4804
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 04 Jan 2017 18:47:57 GMT
Server
nc
ETag
"12c4-54549392d0ac6"
Expect-CT
max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-Do-Not-Hack
18 U.S.C. Parag 1030
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
Keep-Alive
timeout=30, max=297
Expires
Thu, 23 May 2019 06:44:03 GMT

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask
function| $
function| jQuery
object| hljs
function| maxarticle
object| block
function| getIpInfo
undefined| modal
function| openModal
function| closeModal
function| startSpinner
function| stopSpinner
function| bindIpModal

6 Cookies

Domain/Path Name / Value
.isc.sans.edu/ Name: dshield
Value: vnptqvpaff256ci6a9erd2mq24
.sans.org/ Name: nlbi_1329355
Value: UTvyBGry42DTE5QMu3YNYQAAAADznSU9VGB04mipWOr9aYw6
.sans.org/ Name: incap_ses_408_1329355
Value: wJA/Rn3gD1i9uv9id4OpBSMz5lwAAAAA5CHDzQ0qnHD+z9LqR+tZUw==
.sans.org/ Name: visid_incap_1329355
Value: KhtyQhu/R+u8qrWfNF2NQiIz5lwAAAAAQUIPAAAAAACeXmzg/fLw73u2OO98SPq8
www.sans.org/ Name: SANS_INST
Value: gvrk9kclm9mooau9k2qsks92o4
.isc.sans.edu/ Name: guestkey
Value: 4af4fe2405b16cd2b2d562ecaa7e7a4d

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
