Submitted URL: http://dfir.science/
Effective URL: https://dfir.science/
Submission: On November 03 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 32 HTTP transactions. The main IP is 2606:50c0:8003::153, located in United States and belongs to FASTLY, US. The main domain is dfir.science.
TLS certificate: Issued by R3 on October 28th 2023. Valid for: 3 months.
This is the only time dfir.science was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:50c0:800... 54113 (FASTLY)
10 2606:50c0:800... 54113 (FASTLY)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 51.38.185.25 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
1 184.25.158.47 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
7 18.245.86.94 16509 (AMAZON-02)
1 23.212.219.180 16625 (AKAMAI-AS)
2 104.64.175.81 16625 (AKAMAI-AS)
32 9
Apex Domain
Subdomains
Transfer
11 dfir.science
dfir.science
411 KB
7 mailchimp.com
downloads.mailchimp.com — Cisco Umbrella Rank: 14518
111 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
180 KB
3 microanalytics.io
microanalytics.io — Cisco Umbrella Rank: 778031
app.microanalytics.io — Cisco Umbrella Rank: 983896
2 KB
2 intuit.com
digitalasset.intuit.com — Cisco Umbrella Rank: 21732
10 KB
2 gstatic.com
fonts.gstatic.com
34 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
2 KB
1 list-manage.com
mc.us5.list-manage.com — Cisco Umbrella Rank: 111486
8 KB
1 chimpstatic.com
chimpstatic.com — Cisco Umbrella Rank: 6061
2 KB
32 9
Domain Requested by
11 dfir.science 1 redirects dfir.science
7 downloads.mailchimp.com chimpstatic.com
downloads.mailchimp.com
4 cdn.jsdelivr.net dfir.science
cdn.jsdelivr.net
2 digitalasset.intuit.com dfir.science
2 app.microanalytics.io microanalytics.io
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com dfir.science
1 mc.us5.list-manage.com downloads.mailchimp.com
1 chimpstatic.com dfir.science
1 microanalytics.io dfir.science
32 10
Subject | Issuer | Validity | Valid
dfir.science | R3 | 2023-10-28 - 2024-01-26 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year
microanalytics.io | R3 | 2023-10-11 - 2024-01-09 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
wildcardsan.us15.list-manage.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-09-17 - 2024-09-17 | a year
*.gstatic.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
app.microanalytics.io | R3 | 2023-10-21 - 2024-01-19 | 3 months
downloads.mailchimp.com | Amazon RSA 2048 M02 | 2023-06-20 - 2024-07-17 | a year
wildcardsan.list-manage.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-09-12 - 2024-09-11 | a year
digitalasset.intuit.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-08-03 - 2024-08-12 | a year

This page contains 3 frames:

Primary Page: https://dfir.science/
Frame ID: 9FE8A75803B1ED826A50C8394D9FDDBE
Requests: 26 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/ab07d3a33dd6bffdc7d230f2e09cfd09e1166bde/common.css
Frame ID: 51076184685B4BF653073F343D733698
Requests: 2 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/ab07d3a33dd6bffdc7d230f2e09cfd09e1166bde/common.css
Frame ID: F1B184E485AF53757B49A5ED4CD16936
Requests: 3 HTTP requests in this frame

Page Title

DFIRScience

Page URL History

  1. http://dfir.science/ HTTP 301
    https://dfir.science/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • Powered by <a href="https?://jekyllrb\.com"[^>]*>Jekyll</

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • chimpstatic\.com/mcjs-connected

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

32
Requests

100 %
HTTPS

50 %
IPv6

9
Domains

10
Subdomains

9
IPs

4
Countries

758 kB
Transfer

1397 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dfir.science/ HTTP 301
    https://dfir.science/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
dfir.science/
Redirect Chain
  • http://dfir.science/
  • https://dfir.science/
18 KB
5 KB
Document
General
Full URL
https://dfir.science/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
04192dfb19cbbcbe957b5f72aaca297f99a7810e605940c3e4b513a3c65acf88

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
max-age=600
content-encoding
gzip
content-length
4563
content-type
text/html; charset=utf-8
date
Fri, 03 Nov 2023 19:14:50 GMT
etag
W/"63740468-4689"
expires
Fri, 03 Nov 2023 13:23:59 GMT
last-modified
Tue, 15 Nov 2022 21:28:08 GMT
server
GitHub.com
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-fastly-request-id
098ba2429da73d77fd11d2636ebd4faa921afb6d
x-github-request-id
B96A:10107:15C14BA:161E565:6544F217
x-proxy-cache
MISS
x-served-by
cache-fra-eddf8230074-FRA
x-timer
S1699038890.219361,VS0,VE98

Redirect headers

Accept-Ranges
bytes
Age
0
Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Fri, 03 Nov 2023 19:14:50 GMT
Location
https://dfir.science/
Server
GitHub.com
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
X-Fastly-Request-ID
c3c904e080f1b71ac1909ece3d87d7122c6c559e
X-GitHub-Request-Id
94B4:FE80:1B1D31:1B95BA:654546AA
X-Served-By
cache-fra-eddf8230096-FRA
X-Timer
S1699038890.093041,VS0,VE90
main.css
dfir.science/assets/css/
62 KB
13 KB
Stylesheet
General
Full URL
https://dfir.science/assets/css/main.css
Requested by
Host: dfir.science
URL: https://dfir.science/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
6aae5c0335e0c8b5ce0d64f530ac253a1942e0113c2e1220925ff43840d1525a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fastly-request-id
d52b8c2d77ebf461064e08895ecd64434624299a
date
Fri, 03 Nov 2023 19:14:50 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
1
age
393
x-cache
HIT
x-proxy-cache
MISS
content-length
12890
x-served-by
cache-fra-eddf8230074-FRA
last-modified
Tue, 15 Nov 2022 21:28:08 GMT
server
GitHub.com
x-github-request-id
C88E:F838:D659E4:D9D7E6:65447039
x-timer
S1699038890.356474,VS0,VE2
etag
W/"63740468-f89a"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Fri, 03 Nov 2023 04:09:53 GMT
all.min.css
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/
58 KB
13 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Requested by
Host: dfir.science
URL: https://dfir.science/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:14:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18118
x-jsd-version
5.15.4
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230107-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"e7a9-pX7mjRFgGw/Y5QN/wkH/ZadURzw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BEq4nmXEIMKKwV4mleeYTCTDRcXanvqU30Yf96mBIKX5a9DIAhHOaK7Hwye%2FwDPamVCIWusJnDi1vVfgAE1OGxMoSDtDWfQTL%2BjlW7gu0ocIAuK0jI6sSz4%2BT49Ii7x5b%2Bpo%2FXem%2BGwHrZC9Us%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8206f148f8c82bdd-FRA
script.js
microanalytics.io/js/
2 KB
1 KB
Script
General
Full URL
https://microanalytics.io/js/script.js
Requested by
Host: dfir.science
URL: https://dfir.science/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.38.185.25 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-06119eaf.vps.ovh.net
Software
nginx /
Resource Hash
570d99d64a3885d905f17cfb4faed3e713fcdcec052c7f96d38acc145983c5fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 19:14:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Aug 2023 10:16:17 GMT
Server
nginx
ETag
W/"64d4b8f1-87f"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=604800
wikivps.com
HIT from backend
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Fri, 10 Nov 2023 19:14:50 GMT
css
fonts.googleapis.com/
2 KB
659 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Mono
Requested by
Host: dfir.science
URL: https://dfir.science/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e7f5a1789b7cfbdf8d9d10cc0f5081f6a9ca19ad24f516a52afc865cd0941b3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Nov 2023 19:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 18:55:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Nov 2023 19:14:50 GMT
css
fonts.googleapis.com/
2 KB
1010 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Inter
Requested by
Host: dfir.science
URL: https://dfir.science/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
39f186b6eb6cae76659183907db8437fda9f3cd362e98dfe0c64596217a7c492
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 03 Nov 2023 19:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 18:28:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Nov 2023 19:14:50 GMT
dfir_circuits_corner.png
dfir.science/assets/images/logos/
100 KB
100 KB
Image
General
Full URL
https://dfir.science/assets/images/logos/dfir_circuits_corner.png
Requested by
Host: dfir.science
URL: https://dfir.science/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
a8988d67ee7f22fa5e226abb2f8c6da90c5ca00ed17c0e3d2a29fc66e0ccc55d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fastly-request-id
fc88ebe45c99f176c765111dfb885b067fed11e1
date
Fri, 03 Nov 2023 19:14:50 GMT
via
1.1 varnish
expires
Fri, 03 Nov 2023 04:09:53 GMT
age
393
x-cache
HIT
x-proxy-cache
MISS
content-length
102281
x-served-by
cache-fra-eddf8230074-FRA
last-modified
Tue, 15 Nov 2022 21:27:29 GMT
server
GitHub.com
x-github-request-id
5BF2:5DE3:D5A9FA:D928F5:65447039
x-timer
S1699038890.356865,VS0,VE2
etag
"63740441-18f89"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-cache-hits
1
dfir_logo_horz_light.png
dfir.science/assets/images/logos/
67 KB
67 KB
Image
General
Full URL
https://dfir.science/assets/images/logos/dfir_logo_horz_light.png
Requested by
Host: dfir.science
URL: https://dfir.science/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
49b6eabf151d0d507b6b326036c3df1b64b3aa6eb925e351f95038a310fd09a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fastly-request-id
d24f90db10b622880ef4d946892045eb51760884
date
Fri, 03 Nov 2023 19:14:50 GMT
via
1.1 varnish
expires
Fri, 03 Nov 2023 04:09:53 GMT
age
393
x-cache
HIT
x-proxy-cache
MISS
content-length
68732
x-served-by
cache-fra-eddf8230074-FRA
last-modified
Tue, 15 Nov 2022 21:27:29 GMT
server
GitHub.com
x-github-request-id
8272:5E15:D34C7E:D6E309:65447039
x-timer
S1699038890.356827,VS0,VE3
etag
"63740441-10c7c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-cache-hits
1
becomepatron.png
dfir.science/assets/images/
10 KB
10 KB
Image
General
Full URL
https://dfir.science/assets/images/becomepatron.png
Requested by
Host: dfir.science
URL: https://dfir.science/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
91a3e46bd2f13459f49e0725554fa7908e36ac219655c4926b8501e9779c05a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fastly-request-id
ecd50abfc0c454985d19c1cf0a237992377abca9
date
Fri, 03 Nov 2023 19:14:50 GMT
via
1.1 varnish
expires
Fri, 03 Nov 2023 04:09:54 GMT
age
393
x-cache
HIT
x-proxy-cache
MISS
content-length
10193
x-served-by
cache-fra-eddf8230074-FRA
last-modified
Tue, 15 Nov 2022 21:27:29 GMT
server
GitHub.com
x-github-request-id
C7D2:127BD:D67DF2:DA08D5:65447039
x-timer
S1699038890.382344,VS0,VE3
etag
"63740441-27d1"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-cache-hits
1
dfir_circuits_corner_navy.png
dfir.science/assets/images/logos/
101 KB
101 KB
Image
General
Full URL
https://dfir.science/assets/images/logos/dfir_circuits_corner_navy.png
Requested by
Host: dfir.science
URL: https://dfir.science/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
dea590e7a344ea7b1d9affe6f8b6fcee69778f1aa5e6b4a4a4339b068bd8e6e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fastly-request-id
f75b4e849c118ea03bc72e5f969acd675fcefcda
date
Fri, 03 Nov 2023 19:14:50 GMT
via
1.1 varnish
x-cache-hits
1
age
393
x-cache
HIT
x-proxy-cache
MISS
content-length
103143
x-served-by
cache-fra-eddf8230074-FRA
last-modified
Tue, 15 Nov 2022 21:27:29 GMT
server
GitHub.com
x-github-request-id
D614:886D:D39640:D720A4:6544703A
x-timer
S1699038890.382555,VS0,VE5
etag
"63740441-192e7"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Fri, 03 Nov 2023 04:09:54 GMT
main.min.js
dfir.science/assets/js/
120 KB
42 KB
Script
General
Full URL
https://dfir.science/assets/js/main.min.js
Requested by
Host: dfir.science
URL: https://dfir.science/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
e2c08b3696c561765665f6d299c44dc819d3a6d384bab9f54c0be37f369c975f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fastly-request-id
3f654cb69131e109fe2433ed206b3a3411b1a439
date
Fri, 03 Nov 2023 19:14:50 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
1
age
393
x-cache
HIT
x-proxy-cache
MISS
content-length
42275
x-served-by
cache-fra-eddf8230074-FRA
last-modified
Tue, 15 Nov 2022 21:27:29 GMT
server
GitHub.com
x-github-request-id
4080:81AB:D836AC:DBB53C:65447039
x-timer
S1699038890.382512,VS0,VE3
etag
W/"63740441-1de0e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Fri, 03 Nov 2023 04:09:53 GMT
lunr.min.js
dfir.science/assets/js/lunr/
29 KB
8 KB
Script
General
Full URL
https://dfir.science/assets/js/lunr/lunr.min.js
Requested by
Host: dfir.science
URL: https://dfir.science/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
0c50d9002b85780a842afffb567bb54ede402dae7c6dc5997a018614d8044fc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fastly-request-id
f5c8571fc2c094dd085551a0264a617783952a48
date
Fri, 03 Nov 2023 19:14:50 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
1
age
393
x-cache
HIT
x-proxy-cache
MISS
content-length
8471
x-served-by
cache-fra-eddf8230074-FRA
last-modified
Tue, 15 Nov 2022 21:27:29 GMT
server
GitHub.com
x-github-request-id
85AE:886D:D395EE:D72057:65447038
x-timer
S1699038890.382736,VS0,VE2
etag
W/"63740441-7346"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Fri, 03 Nov 2023 04:09:54 GMT
lunr-store.js
dfir.science/assets/js/lunr/
239 KB
64 KB
Script
General
Full URL
https://dfir.science/assets/js/lunr/lunr-store.js
Requested by
Host: dfir.science
URL: https://dfir.science/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
92237cfde51133d68f42ca8875bd2b72d03bb80717386bd04a9b665fe6e80417

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fastly-request-id
054e30c30618ffbab6c78c28cab8e3dd313e1eb2
date
Fri, 03 Nov 2023 19:14:50 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
1
age
393
x-cache
HIT
x-proxy-cache
MISS
content-length
64985
x-served-by
cache-fra-eddf8230074-FRA
last-modified
Tue, 15 Nov 2022 21:28:08 GMT
server
GitHub.com
x-github-request-id
7562:C7FB:D6578C:D9EE7A:65447039
x-timer
S1699038890.382127,VS0,VE5
etag
W/"63740468-3bcce"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Fri, 03 Nov 2023 04:09:54 GMT
lunr-en.js
dfir.science/assets/js/lunr/
2 KB
980 B
Script
General
Full URL
https://dfir.science/assets/js/lunr/lunr-en.js
Requested by
Host: dfir.science
URL: https://dfir.science/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
455dd8504356827ccf085274d4fd54ae29b0d906e993b3ecd28a8a9b290cd7f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-fastly-request-id
feb0ad132680e9cb876c7ada5bb466910feb3ac7
date
Fri, 03 Nov 2023 19:14:50 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
1
age
393
x-cache
HIT
x-proxy-cache
MISS
content-length
818
x-served-by
cache-fra-eddf8230074-FRA
last-modified
Tue, 15 Nov 2022 21:28:08 GMT
server
GitHub.com
x-github-request-id
2984:1AF3:E07FAE:E41943:6544703A
x-timer
S1699038890.382452,VS0,VE2
etag
W/"63740468-9bd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Fri, 03 Nov 2023 04:09:54 GMT
bc1e83d88c15540b3c7f781ee.js
chimpstatic.com/mcjs-connected/js/users/3664f5bc2c4350bc7454f233d/
4 KB
2 KB
Script
General
Full URL
https://chimpstatic.com/mcjs-connected/js/users/3664f5bc2c4350bc7454f233d/bc1e83d88c15540b3c7f781ee.js
Requested by
Host: dfir.science
URL: https://dfir.science/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.158.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-158-47.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
16e04a9a46ac0ea5e191b0883837e6dd660c7823b5400db021889d4a4e450a8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
102, 394, 99, 105
Date
Fri, 03 Nov 2023 19:14:50 GMT
Content-Encoding
gzip
x-amz-request-id
QCZ6YSA2YK9DJFQD
X-EdgeConnect-MidMile-RTT
0, 8, 0, 0
Connection
keep-alive
Content-Length
1222
x-amz-id-2
1quR/wWcf4MmOMBOh5O+Dh56ETxYrZy+c1ssPBS/fyqL+3Ry/cAspK5jyO1/piuIhhGkHv0vZRk=
Last-Modified
Tue, 19 Oct 2021 16:00:54 GMT
Server
AmazonS3
ETag
"a8e7eb74a2d4000de591d9250af7701b"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1768
Accept-Ranges
bytes
Expires
Fri, 03 Nov 2023 19:44:18 GMT
UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
fonts.gstatic.com/s/inter/v13/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2301bb030a2bcaa9c763cc4771bd717aac16709c29eaba00673fcbe7cdf99a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dfir.science
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 18:19:33 GMT
x-content-type-options
nosniff
age
89717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21564
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 18:19:33 GMT
L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_ROW4.woff2
fonts.gstatic.com/s/robotomono/v23/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotomono/v23/L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_ROW4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32c8a74ac0816253d69a7cc68a60986d91c77c80fb17101058527bffa45a13ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dfir.science
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 18:17:46 GMT
x-content-type-options
nosniff
age
89824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12764
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:16:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 18:17:46 GMT
fa-solid-900.woff2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/
76 KB
77 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/fa-solid-900.woff2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Origin
https://dfir.science
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:14:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
24562
x-jsd-version
5.15.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
78268
x-served-by
cache-fra-eddf8230048-FRA, cache-jnb7026-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"131bc-DMssgUp+TKEsR3iCFjOAnLA2Hqo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqyMTSSjaOiJOHTZhHrDf7S%2Fzf52A%2FiYmS6AwHJx6D%2Bqx1dNAz0fzF9jHPLwbdlzvu%2BSj8EpqjowZAksIqqMzgXi3%2BCB8noVyuzQ9j7mwIxd1JLPuGKzBtHrD59%2F6A%2BiS8DWZx0H8WJRsZNWiR4%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8206f14948bc9b88-FRA
fa-brands-400.woff2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/
75 KB
76 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/fa-brands-400.woff2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Origin
https://dfir.science
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:14:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
35507
x-jsd-version
5.15.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
76736
x-served-by
cache-fra-eddf8230138-FRA, cache-jnb7026-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"12bc0-BhPH67pV7kfvMCwPd2YyRpL4mac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0K28i9Tl0WZDqMHhvQnF9PyJLwcVQ2RrzUitE14Ls8DU%2FRzSPuLib16%2BWlF7swKqBMVZ%2Fq1vEfwV9IlVXGiOv4WN%2FuUfn%2BUvVVs8ZvuhztLEGL1ob097AZlp%2BLQ1V1sz5O9mX%2BQKTBe0zPOMkL4%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8206f14958bf9b88-FRA
fa-regular-400.woff2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/
13 KB
14 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/fa-regular-400.woff2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Origin
https://dfir.science
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:14:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1527
x-jsd-version
5.15.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13224
x-served-by
cache-fra-eddf8230106-FRA, cache-jnb7020-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"33a8-E1F1Ka/6OeJYXFkayubcM2tqqRc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ir9m2K0qAsYEhip9pnR9GzBP6QmcnXLVhWBvQvEexz2gzrRV2%2BnTLQgAuXWTuOZcC%2Bd1igIE51i%2F%2Fu2Mjy0Y%2Fxw9sUnphlA05Twn7T%2Bu1KJILK2But%2BXW%2BXFd7jYcfMq7s1RBw%2B3avHk0UIGZ%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8206f14958be9b88-FRA
event
app.microanalytics.io/api/
3 B
425 B
XHR
General
Full URL
https://app.microanalytics.io/api/event
Requested by
Host: microanalytics.io
URL: https://microanalytics.io/js/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.38.185.25 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-06119eaf.vps.ovh.net
Software
nginx /
Resource Hash
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer
https://dfir.science/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

pragma
no-cache
Date
Fri, 03 Nov 2023 19:14:50 GMT
Server
nginx
X-RateLimit-Remaining
59
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://dfir.science
Cache-Control
private, must-revalidate
Access-Control-Allow-Credentials
true
wikivps.com
HIT from backend
X-RateLimit-Limit
60
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
3
expires
-1
event
app.microanalytics.io/api/ Frame
0
0
Preflight
General
Full URL
https://app.microanalytics.io/api/event
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.38.185.25 , France, ASN16276 (OVH, FR),
Reverse DNS
vps-06119eaf.vps.ovh.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dfir.science
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://dfir.science
Access-Control-Max-Age
0
Cache-Control
no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 03 Nov 2023 19:14:50 GMT
Keep-Alive
timeout=60
Server
nginx
wikivps.com
HIT from backend
embed.js
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/
220 KB
71 KB
Script
General
Full URL
https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Requested by
Host: chimpstatic.com
URL: https://chimpstatic.com/mcjs-connected/js/users/3664f5bc2c4350bc7454f233d/bc1e83d88c15540b3c7f781ee.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-94.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d6654b68d0ff9285ac11599a5157ebd06daca369f72a44e73202d380f4d7ea9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Fri, 03 Nov 2023 06:01:51 GMT
Content-Encoding
gzip
Via
1.1 34f8e9435dea359238debf97e45feb10.cloudfront.net (CloudFront)
Last-Modified
Thu, 02 Nov 2023 20:32:17 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P6
Age
47580
ETag
W/"e4c99c94cb5379a263249e2feb13499b"
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
F-txf33CxQeyQVV7FVbABjD7lCpq9333FozYwWwg9I_vi3UEWs2PuQ==
form-settings
mc.us5.list-manage.com/subscribe/
13 KB
8 KB
Script
General
Full URL
https://mc.us5.list-manage.com/subscribe/form-settings?u=3664f5bc2c4350bc7454f233d&id=522fd8fdae&f_id=undefined&u=3664f5bc2c4350bc7454f233d&id=522fd8fdae&c=dojo_request_script_callbacks.dojo_request_script0
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.219.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-219-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d48e9c9e3042a148d0bda0f180257d6a836db082f49095eee1cc94f54ccd45ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires
Fri, 03 Nov 2023 19:19:19 GMT
date
Fri, 03 Nov 2023 19:14:50 GMT
content-encoding
gzip
referrer-policy
same-origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=269
content-length
6277
x-ua-compatible
IE=edge,chrome=1
popup.js
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/ab07d3a33dd6bffdc7d230f2e09cfd09e1166bde/
106 KB
30 KB
Script
General
Full URL
https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/ab07d3a33dd6bffdc7d230f2e09cfd09e1166bde/popup.js
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-94.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7dbb68b24c7f0f120f5319020a58f84ada5184fcac9a8af2f8546eb45df19e7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 22:11:12 GMT
Content-Encoding
br
Via
1.1 34f8e9435dea359238debf97e45feb10.cloudfront.net (CloudFront)
Last-Modified
Thu, 02 Nov 2023 20:32:17 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P6
Age
75819
ETag
W/"0a11e2cc3b558e2251cc4eaeb47b508e"
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
hrHfL4FSoxHllzgG5Am-bBEGll-SjvNX7FaXgEd3gTNgd4TRT7scCg==
common.css
downloads.mailchimp.com/css/signup-forms/popup/ab07d3a33dd6bffdc7d230f2e09cfd09e1166bde/ Frame 5107
9 KB
3 KB
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/ab07d3a33dd6bffdc7d230f2e09cfd09e1166bde/common.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-94.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66042c10cf2872dd11c4620b1851f79651064c31a563a8cc44c582cf68b493c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 22:11:12 GMT
Content-Encoding
br
Via
1.1 34f8e9435dea359238debf97e45feb10.cloudfront.net (CloudFront)
Last-Modified
Thu, 02 Nov 2023 20:32:17 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P6
Age
75819
ETag
W/"34a0c901bb8bee89ef0c8c3cd842c125"
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
jFU3UukIDY1y_DuoTycvrfyNyDuA6Gr-b5y72AMHsYHrppcsxJpuIA==
banner.css
downloads.mailchimp.com/css/signup-forms/popup/ab07d3a33dd6bffdc7d230f2e09cfd09e1166bde/ Frame 5107
859 B
1 KB
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/ab07d3a33dd6bffdc7d230f2e09cfd09e1166bde/banner.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-94.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2b7b5e60cad763a78413ff0195ed7c6ab6b344a793f605fd4414d682cd92481

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 22:11:17 GMT
Via
1.1 34f8e9435dea359238debf97e45feb10.cloudfront.net (CloudFront)
Last-Modified
Thu, 02 Nov 2023 20:32:18 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P6
Age
75814
ETag
"895651742018804deb1404b941bb3055"
x-amz-server-side-encryption
AES256
Vary
Origin
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
859
X-Amz-Cf-Id
fJNUX9xQGV990AYN03bzXmSxgfGdjLAmb4mxlx5H6R0Vt-OPRpvOxA==
common.css
downloads.mailchimp.com/css/signup-forms/popup/ab07d3a33dd6bffdc7d230f2e09cfd09e1166bde/ Frame F1B1
9 KB
3 KB
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/ab07d3a33dd6bffdc7d230f2e09cfd09e1166bde/common.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-94.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66042c10cf2872dd11c4620b1851f79651064c31a563a8cc44c582cf68b493c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 22:11:12 GMT
Content-Encoding
br
Via
1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront)
Last-Modified
Thu, 02 Nov 2023 20:32:17 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P6
Age
75819
ETag
W/"34a0c901bb8bee89ef0c8c3cd842c125"
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
NLUI_CCF3YWeDlkTBuLMWTGquhpOUqP_Wi2xz3C1A2y7O5e2-ta0zQ==
layout-1.css
downloads.mailchimp.com/css/signup-forms/popup/ab07d3a33dd6bffdc7d230f2e09cfd09e1166bde/ Frame F1B1
809 B
1 KB
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/ab07d3a33dd6bffdc7d230f2e09cfd09e1166bde/layout-1.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-94.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b908097392c62c319bd7bb79568bb9a35c0d73415be3035139235dc82d2c8abd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 22:11:17 GMT
Via
1.1 34f8e9435dea359238debf97e45feb10.cloudfront.net (CloudFront)
Last-Modified
Thu, 02 Nov 2023 20:32:18 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P6
Age
75814
ETag
"5ee18fb854e4df233cf2dca510bdf817"
x-amz-server-side-encryption
AES256
Vary
Origin
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
809
X-Amz-Cf-Id
Gqlaa-RQrmYlHVhqSZ-WfCdP2BZ0U099IBFSIvux3D-i_h7ESTVprQ==
modal-slidein.css
downloads.mailchimp.com/css/signup-forms/popup/ab07d3a33dd6bffdc7d230f2e09cfd09e1166bde/
3 KB
2 KB
Stylesheet
General
Full URL
https://downloads.mailchimp.com/css/signup-forms/popup/ab07d3a33dd6bffdc7d230f2e09cfd09e1166bde/modal-slidein.css
Requested by
Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-94.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
717a079466da86282255203ddb9f6faafb2bf0ca0bb23ecb539463b3f963bde4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Thu, 02 Nov 2023 22:11:12 GMT
Content-Encoding
br
Via
1.1 e0bdfd4f00aaa5b927cf38c4eda059ca.cloudfront.net (CloudFront)
Last-Modified
Thu, 02 Nov 2023 20:32:18 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P6
Age
75819
ETag
W/"d23d4c0fac6d9f158d23552bbd4592f0"
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
text/css
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
C6Nub75SNQ8zKRKsYtfnMz1T9WgxE1BWzDM2fv9MM34p9cnsyIjV_g==
intuit-mc-rewards-text-dark.svg
digitalasset.intuit.com/render/content/dam/intuit/mc-fe/en_us/images/
11 KB
5 KB
Image
General
Full URL
https://digitalasset.intuit.com/render/content/dam/intuit/mc-fe/en_us/images/intuit-mc-rewards-text-dark.svg
Requested by
Host: dfir.science
URL: https://dfir.science/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.175.81 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-175-81.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
accfeda559fe5ed42799382b66b15b55efa0d610e4857f2ef02c763ad3bf3997
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.intuit.com https://*.google.com https://*.ampproject.org https://*.ampify.io;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.intuit.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
frame-ancestors https://*.intuit.com https://*.google.com https://*.ampproject.org https://*.ampify.io;
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 03 Nov 2023 19:14:51 GMT
x-vhost
publish-oidam
content-disposition
inline
content-length
4576
last-modified
Tue, 01 Aug 2023 16:54:17 GMT
server
Apache
etag
"2ca6-601df65c4e040-gzip"
x-frame-options
ALLOW-FROM https://*.intuit.com
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
intuit-mc-rewards-text-dark.svg
digitalasset.intuit.com/render/content/dam/intuit/mc-fe/en_us/images/ Frame F1B1
11 KB
5 KB
Image
General
Full URL
https://digitalasset.intuit.com/render/content/dam/intuit/mc-fe/en_us/images/intuit-mc-rewards-text-dark.svg
Requested by
Host: dfir.science
URL: https://dfir.science/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.175.81 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-175-81.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
accfeda559fe5ed42799382b66b15b55efa0d610e4857f2ef02c763ad3bf3997
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.intuit.com https://*.google.com https://*.ampproject.org https://*.ampify.io;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.intuit.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfir.science/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
content-security-policy
frame-ancestors https://*.intuit.com https://*.google.com https://*.ampproject.org https://*.ampify.io;
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 03 Nov 2023 19:14:51 GMT
x-vhost
publish-oidam
content-disposition
inline
content-length
4576
last-modified
Tue, 01 Aug 2023 16:54:17 GMT
server
Apache
etag
"2ca6-601df65c4e040-gzip"
x-frame-options
ALLOW-FROM https://*.intuit.com
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes


20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| documentPictureInPicture
function| $
function| jQuery
function| SmoothScroll
function| Gumshoe
function| lunr
object| store
object| idx
object| pa
object| $mcSite
function| dojoDefine
function| dojoRequire
object| dojo
object| dijit
object| dojox
object| dojo_request_script_callbacks
function| SignupForm
function| PopupSignupForm

3 Cookies

Domain/Path Name / Value
.list-manage.com/ Name: _abck
Value: E35084F2F3F7B7FA52CEB2F061B2ADC8~-1~YAAQx+IlF1Cd2nuLAQAAZAuclgqvNNwc/OczcBzTScGwkfkMFtX622B7quYloldcXH4KOOU8DSMB0hERteAiiVrzWPFc6gSJadqKTQs0O7mFGphJqBP8KEPXR8K+bbTSqlJl0rpPKz4HIDgfYy9BTR7hufvzNNAYpWJn9IQWtyh6f+irm6joQyMm49MDBSzu7gdUQQ1rTfmhgAgBVI4yFhtneFWXj6NN2byrI/EJK4yp2I4DbbYedObZlzxh9H/EjSEDp4cxOeoXm5wwPpuTPmPyFe0XfuuQowuZ1/Hfrg3EW9s+APLJ9P5SJowpSBhI4wc+6xKpuK7TIPV/1oxDicfE2y+FrjszlOgbxASn9eXX5E6DQHUoO/yuK9GYSGRp4g==~-1~-1~-1
.us5.list-manage.com/ Name: ak_bmsc
Value: 8C6246A0CAA3DD2CB8499DC95C9E5F53~000000000000000000000000000000~YAAQx+IlF1Gd2nuLAQAAZAuclhWrmoqfmi416a1ca/a36r6BgkPI+HE+xtVeZnhrevnjNVhvfGAAiJSy1Of4gyPs0AMkSYto0VVZkn2rUcWG4f6gTbLGKzEdIrE9Lz9Ifs1cHpaP9Q62oV5tFQcuz7iFwz1IVQToSBUudInqWRn7fj0d4SNWtpFEdauo8tyMFCPnv20yosGHKYSH6GDGilRS5ResECWsGCe1/suCSEWJ+/cow9o+UwmSNZFRMpJWW/u1FBKPY8Te4EeOy7ApfNXEpy9z5RgB6jRhi/gI4GTcSjejM96uus7279s1rROr+UcCblsbMJMoKzKsp++CvspVcQ28jLz7b2UkNxDDPBuOiR1MIOQxlEcQ8d/yVjROL/B80aL5mDb5IZYSjMV8zoO1kYV7
.list-manage.com/ Name: bm_sz
Value: B146CD4F7514738E6275D9FD79884E74~YAAQx+IlF1Kd2nuLAQAAZAuclhUeMS/jtfP1rf93mepL4r24hMAm3GzljtYPTaBFwa40kIL9tyrNXiNCpHnShqtk8VS8fUMc6i0FgOuiJG2qTqlqR1thho+XLfgm9wL9Y0TZlUd0Yz8FjYCfo6Bgyw5zOoDWjeiUd2fRr/Z1AJqMWq8X4FKecsP4yDu1EEUysMg/Xf5NFHMJrzDoQhPCVLCvj5HsHkKYkm5b8Ixmbc+pMU35KadrOTBj/ooKCpzdqwC1s061XVw1rzLBHpektqoYebDkGbvwt4ejXr3ZUgQdwVttFUzZqQ==~3682609~4277560

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
