www.sans.org Open in urlscan Pro
45.60.31.34 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Submission: On May 01 via manual (May 1st 2024, 4:51:20 pm UTC) from VE — Scanned from DE

Summary HTTP 69 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 10 domains to perform 69 HTTP transactions. The main IP is 45.60.31.34, located in United States and belongs to INCAPSULA, US. The main domain is www.sans.org. The Cisco Umbrella rank of the primary domain is 176054.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q1 on January 19th 2024. Valid for: 6 months.

This is the only time www.sans.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	45.60.31.34 45.60.31.34	19551 (INCAPSULA) (INCAPSULA)
1	151.101.192.114 151.101.192.114	54113 (FASTLY) (FASTLY)
15	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	99.80.22.109 99.80.22.109	16509 (AMAZON-02) (AMAZON-02)
1	104.16.88.20 104.16.88.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	45.60.33.34 45.60.33.34	19551 (INCAPSULA) (INCAPSULA)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6813:b234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
69	13

33 45.60.31.34 (United States)

ASN19551 (INCAPSULA, US)

www.sans.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.114 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.101.194.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

images.contentstack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.22.109 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-22-109.eu-west-1.compute.amazonaws.com

addsearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.60.33.34 (United States)

ASN19551 (INCAPSULA, US)

api.sans.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	sans.org www.sans.org — Cisco Umbrella Rank: 176054 api.sans.org — Cisco Umbrella Rank: 347664	849 KB
15	contentstack.io images.contentstack.io — Cisco Umbrella Rank: 11845	2 MB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 306	136 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	336 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	854 B
2	addsearch.com addsearch.com — Cisco Umbrella Rank: 45539	15 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 535	306 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 320	25 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	98 KB
1	evgnet.com cdn.evgnet.com — Cisco Umbrella Rank: 3358	48 KB
69	10

	Domain	Requested by
33	www.sans.org	www.sans.org
15	images.contentstack.io	www.sans.org
7	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org www.sans.org
3	fonts.gstatic.com	www.sans.org
2	www.google.com	www.sans.org www.gstatic.com
2	api.sans.org	cdn.jsdelivr.net
2	addsearch.com	www.sans.org addsearch.com
1	www.gstatic.com	www.google.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	cdn.jsdelivr.net	www.googletagmanager.com
1	www.googletagmanager.com	www.sans.org
1	cdn.evgnet.com	www.sans.org
69	12

This site contains links to these domains. Also see Links.

Domain
www.sans.edu
www.giac.org
isc.sans.edu
partnerportal.sans.org
policies.google.com
twitter.com
www.facebook.com
www.youtube.com
www.linkedin.com
www.addsearch.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-19` - `2024-07-17`	6 months	crt.sh
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-14` - `2025-02-12`	a year	crt.sh
*.contentstack.io Gandi RSA Domain Validation Secure Server CA 3	`2024-04-10` - `2025-05-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.addsearch.com GeoTrust TLS RSA CA G1	`2023-08-31` - `2024-09-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Frame ID: F637CC7565915181C91B498A7247F787
Requests: 71 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRaE8aAAAAAOB9CLy-hHWeafmpvmYkeMpCXrWO&co=aHR0cHM6Ly93d3cuc2Fucy5vcmc6NDQz&hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=5p74z969ej0y
Frame ID: 1A3DB8B858B79287A4976C89A0BF3A3D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Who, What, Where, When, Why and How of Effective Threat Hunting | SANS Institute

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

69
Requests

100 %
HTTPS

42 %
IPv6

10
Domains

12
Subdomains

13
IPs

4
Countries

3428 kB
Transfer

8091 kB
Size

9
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sans.edu/academics/launch-your-cybersecurity-career/
Title: Degree and Certificate Programs

Search URL Search Domain Scan URL

URL: https://www.giac.org/podcasts/
Title: Trust Me, I'm Certified

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/
Title: Internet Storm Center

Search URL Search Domain Scan URL

URL: https://partnerportal.sans.org/
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://www.giac.org/certifications/
Title: Certifications

Search URL Search Domain Scan URL

URL: https://www.sans.edu/
Title: Degree Programs

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://twitter.com/sansinstitute
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sansinstitute
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TheSANSInstitute
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/14104
Title: LinkedIn

Search URL Search Domain Scan URL

URL: http://www.addsearch.com/?utm_source=customer&utm_medium=referer&utm_campaign=customer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

69 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/ 235 KB
33 KB 462ms
269ms Document
text/html 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1fd84bd8129308edc2d7fecf9c57adea9dec0362a5e79941292d54c2f05a616c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=30
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
content-type: text/html
date: Wed, 01 May 2024 16:51:13 GMT
etag: W/"d8830b0d6a920da259fcca76a7a3663d"
expect-ct: max-age=86400, enforce
last-modified: Wed, 01 May 2024 16:25:34 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 8dd00afc2ba3c7b003b4e6d6e0ffeae4.cloudfront.net (CloudFront)
x-amz-cf-id: UDWs6TmwSN46sggReamurvnDSJM8-Qj6ll3Jhq6F5BEESnq06lUVwQ==
x-amz-cf-pop: JFK52-P4
x-cache: Miss from cloudfront
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
x-iinfo: 14-44737775-44737788 NNNN CT(5 13 0) RT(1714582271757 98) q(0 0 0 1) r(0 2) U18
x-xss-protection: 1; mode=block

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/sansccybersecurity/sans_prod/scripts/ 194 KB
48 KB 139ms
100ms Script
application/javascript 151.101.192.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evgnet.com/beacon/sansccybersecurity/sans_prod/scripts/evergage.min.js
Requested by: Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.114 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa444fa4d5426cce13cb0acadb50ce936d84d5db1ce548e57ea08e821eaba8b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: zxrnHp603OF2Nk7UcBNhEiNGNlOry1uC
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 01 May 2024 16:51:13 GMT
x-amz-request-id: QC1C539RPBX69ZD3
age: 36
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
content-length: 48754
x-amz-id-2: C3Ce33nf0tbjgf+mByVh/nRvKEQ4SfaUaBoyw0Pge0xduGN/WTkExln3U3UWL30+r5JW9Lr37zQ=
x-served-by: cache-iad-kjyo7100035-IAD, cache-fra-etou8220094-FRA
x-amz-meta-evergage-sum: 9886f7b5fb8c96426b39f3fc8adf4d07a83d9ee2
last-modified: Thu, 18 Apr 2024 21:08:12 GMT
server: AmazonS3
x-timer: S1714582273.931105,VS0,VE89
etag: "61d290727375cd69c4f5e09ad293a971"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
x-amz-meta-evergage-beacon-ver: 16
x-cache-hits: 185080, 0

GET
H2 200 de6d357.js Show response
www.sans.org/white-papers/_nuxt/ 7 KB
3 KB 400ms
399ms Script
text/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/white-papers/_nuxt/de6d357.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f95f52515f60cd1be32de18964810a8db89779e765b9f00c7c0f41727650c152

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44734664 2VNN RT(1714582271757 396) q(0 0 0 -1) r(1 1) U18
content-length: 2761
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 01 May 2024 16:25:30 GMT
etag: "c21afa638585bd1a8593a9ebf7651ab3"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: text/javascript
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:42 GMT

GET
H2 200 e649568.js Show response
www.sans.org/white-papers/_nuxt/ 200 KB
68 KB 787ms
786ms Script
text/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/white-papers/_nuxt/e649568.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

13ff46c3a5a5eb2a41987ae6523ae4c6f19cfe71b5c3dcb65fd6220611af4007

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44734641 2VNN RT(1714582271757 415) q(0 0 0 -1) r(1 1)
content-length: 69607
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Apr 2024 20:20:34 GMT
etag: W/"2c9bd5d79323d49015217ed5b73df90b"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: text/javascript
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:42 GMT

GET
H2 200 de89dab.css
www.sans.org/white-papers/_nuxt/css/ 341 KB
37 KB 299ms
297ms Stylesheet
text/css 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/white-papers/_nuxt/css/de89dab.css

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5c95b68a208615906d736372f2e205cab00616779807ba075688eac75dec91e2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44737082 2VNN RT(1714582271757 371) q(0 0 0 -1) r(1 1)
content-length: 37715
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 Apr 2024 17:27:25 GMT
etag: W/"89dd5b926d93a9a27c3f6b31848f14c1"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: text/css
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:42 GMT

GET
H2 200 d92ff56.js Show response
www.sans.org/white-papers/_nuxt/ 232 KB
64 KB 401ms
400ms Script
text/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/white-papers/_nuxt/d92ff56.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e21342185261381f7c9afee6172a208478ee05a6f91b1ee5cdb232e2d9cdd5f0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44734358 2VNN RT(1714582271757 423) q(0 0 0 -1) r(1 1)
content-length: 65063
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 Apr 2024 17:27:26 GMT
etag: W/"81f5343934bcf2c3e393fe7e9bb38d38"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: text/javascript
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:42 GMT

GET
H2 200 fd21fb5.css
www.sans.org/white-papers/_nuxt/css/ 971 B
665 B 298ms
296ms Stylesheet
text/css 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/white-papers/_nuxt/css/fd21fb5.css

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3faf06748feaa1c7bc8d9d84d262d209c9c47005cbc5be246743b32e2490d7f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44737003 2VNN RT(1714582271757 377) q(0 0 0 -1) r(1 1)
content-length: 451
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 02 Apr 2024 04:30:51 GMT
etag: "e48a670e857e41e71c49c8f4794970b3"
expect-ct: max-age=86400, enforce
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: text/css
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:42 GMT

GET
H2 200 73a7490.js Show response
www.sans.org/white-papers/_nuxt/ 1 MB
191 KB 692ms
691ms Script
text/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/white-papers/_nuxt/73a7490.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

71dfd7e080f70c7f0fcd4264a8791ceebe5e54467c4ef827b1bbdd1ddc3dd10a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44734267 2VNN RT(1714582271757 427) q(0 0 0 -1) r(1 1) U18
content-length: 193844
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 01 May 2024 16:25:29 GMT
etag: "aa7c1a7588b60e68113653035466e200"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: text/javascript
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:42 GMT

GET
H2 200 49e3701.css
www.sans.org/white-papers/_nuxt/css/ 294 KB
24 KB 1157ms
1156ms Stylesheet
text/css 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/white-papers/_nuxt/css/49e3701.css

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

271041286edae3fbc302109871606bb35c3249d9135032adea1020206a4b0a2a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44737003 2VNN RT(1714582271757 430) q(0 1 1 -1) r(6 6)
content-length: 24483
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 Apr 2024 17:27:25 GMT
etag: W/"210678eed7e2342a6c36bf277ffe8451"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: text/css
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:42 GMT

GET
H2 200 33fb667.js Show response
www.sans.org/white-papers/_nuxt/ 514 KB
62 KB 1371ms
1370ms Script
text/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/white-papers/_nuxt/33fb667.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e99599804aa0951f153c309e43b9cf3c29d37f61c77ca4c240165ed98002f18c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44734664 2VNN RT(1714582271757 443) q(0 2 2 -1) r(5 5)
content-length: 63551
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Apr 2024 23:00:32 GMT
etag: W/"3dca37478c0a5951d01e97d2ea62d617"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: text/javascript
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:42 GMT

GET
H2 200 6bf71cd.css
www.sans.org/white-papers/_nuxt/css/ 40 KB
5 KB 1286ms
1285ms Stylesheet
text/css 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/white-papers/_nuxt/css/6bf71cd.css

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

eb75fd16de0bedf424319bc277eea7167e0e00c48e89bc50682d4cca73b3d011

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44737082 2VNN RT(1714582271757 434) q(0 1 1 -1) r(6 6)
content-length: 4823
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 02 Apr 2024 04:30:51 GMT
etag: W/"86921bd44a486bf5d169c51e90426a06"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: text/css
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:42 GMT

GET
H2 200 a419027.js Show response
www.sans.org/white-papers/_nuxt/ 2 KB
773 B 2182ms
2181ms Script
text/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/white-papers/_nuxt/a419027.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d532696d86d5b03028c2d0d4dada51ced0c4901fca1d7bf1ddcee22395dde785

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44738010 2VNN RT(1714582271757 459) q(0 8 8 -1) r(13 13)
content-length: 648
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 Apr 2024 17:27:25 GMT
etag: W/"5af903f0c2271b0f2959e242bbc09540"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: text/javascript
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:43 GMT

GET
H2 200 005987b.css
www.sans.org/white-papers/_nuxt/css/ 24 KB
4 KB 1287ms
1286ms Stylesheet
text/css 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/white-papers/_nuxt/css/005987b.css

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ae107cd5722aa33897a1101d53d93b6f3a7d1c8671db74fdc31efcbcd2b8f6a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44734355 2VNN RT(1714582271757 440) q(0 1 1 -1) r(6 6)
content-length: 4012
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Apr 2024 20:20:34 GMT
etag: W/"8e6dc6ca805612731e8103b3bc0b45ca"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: text/css
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:42 GMT

GET
H2 200 427cd7c.js Show response
www.sans.org/white-papers/_nuxt/ 61 KB
19 KB 2183ms
2182ms Script
text/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/white-papers/_nuxt/427cd7c.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

20e7bd79260fbbf86c0c18a81842efac002d63fb607896238708c6e671c756f0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44734368 2VNN RT(1714582271757 461) q(0 8 8 -1) r(13 13)
content-length: 19124
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Apr 2024 20:20:33 GMT
etag: W/"fc79b0539c8ba486bbb595abda0320e4"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: text/javascript
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:43 GMT

GET
H2 200 290x100_mega_nav_train_and_certify.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blte8be34fc229589b9/6273dce3941a2939d3d00f0e/ 31 KB
31 KB 51ms
15ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blte8be34fc229589b9/6273dce3941a2939d3d00f0e/290x100_mega_nav_train_and_certify.jpg
Requested by: Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: a0aa5707b114579a33f6bd2f1e5bdb28399e0a76431d31c34733664a8b6e2b8f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:12 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300702
x-cache: HIT, HIT
fastly-io-info: ifsz=37144 idim=290x100 ifmt=jpeg ofsz=31269 odim=290x100 ofmt=jpeg
content-disposition: inline; filename=290x100_mega_nav_train_and_certify.jpg
fastly-stats: io=1
content-length: 31269
x-request-id: 71d8e00edd2abcb4d7103f5813529042
x-served-by: cache-sjc1000138-SJC, cache-fra-etou8220157-FRA
x-runtime: 55ms
server: contentstack
x-timer: S1714582273.930401,VS0,VE1
x-contentstack-organization: blt848504a4924ca8db
etag: "ur4XIkLCdBCQfPyRP00VapGVVBhgJPmmf66qwioL8ck"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 13, 0

GET
H2 200 290x100_mega_nav9_manage_your_team.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltf47dc15d424f72e4/6273dce39dad2234e4d02e02/ 29 KB
29 KB 45ms
8ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltf47dc15d424f72e4/6273dce39dad2234e4d02e02/290x100_mega_nav9_manage_your_team.jpg
Requested by: Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 37cba10e43067a0214b42d54d09875849f601a914a463c0c1fcacd299070396b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:12 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300711
x-cache: HIT, HIT
fastly-io-info: ifsz=36921 idim=290x100 ifmt=jpeg ofsz=29320 odim=290x100 ofmt=jpeg
content-disposition: inline; filename=290x100_mega_nav9_manage_your_team.jpg
fastly-stats: io=1
content-length: 29320
x-request-id: 69873468e902b76b8adaafad0fa24c8e
x-served-by: cache-sjc10077-SJC, cache-fra-etou8220157-FRA
x-runtime: 88ms
server: contentstack
x-timer: S1714582273.930262,VS0,VE1
x-contentstack-organization: blt848504a4924ca8db
etag: "f/BsIxvXpi+LUiglRdzDmSa5H5VWOCU6sjXxA/YGaAY"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 31, 0

GET
H2 200 290x100_mega_nav3_security_awareness.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt1733d7a8ff26d5ad/6273dce39dfd5f30d076efa0/ 30 KB
30 KB 19ms
18ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt1733d7a8ff26d5ad/6273dce39dfd5f30d076efa0/290x100_mega_nav3_security_awareness.jpg
Requested by: Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: c1236d3af38b7d049eca1f27f6b2a7acedbf1d6168cee99138ab4730a24fdd6d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:12 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300703
x-cache: HIT, HIT
fastly-io-info: ifsz=38019 idim=290x100 ifmt=jpeg ofsz=30674 odim=290x100 ofmt=jpeg
content-disposition: inline; filename=290x100_mega_nav3_security_awareness.jpg
fastly-stats: io=1
content-length: 30674
x-request-id: e2e4d2cd80c7058ee352a6976e4afae3
x-served-by: cache-sjc1000095-SJC, cache-fra-etou8220157-FRA
x-runtime: 83ms
server: contentstack
x-timer: S1714582273.945989,VS0,VE2
x-contentstack-organization: blt848504a4924ca8db
etag: "qe3T/381iNlLOnvLkI8GwieG5sLQrJbKsEGMM4CZXvQ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 14, 0

GET
H2 200 290x100_mega_nav4_resources.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt08fed20a2b957c76/6273dce36ed4423afc98e390/ 25 KB
26 KB 46ms
46ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt08fed20a2b957c76/6273dce36ed4423afc98e390/290x100_mega_nav4_resources.jpg
Requested by: Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 7d30435414031894c25be74ea98bde63a851f84e547ea6d942b21f1f0a37e233

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:12 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300703
x-cache: HIT, HIT
fastly-io-info: ifsz=30358 idim=290x100 ifmt=jpeg ofsz=25883 odim=290x100 ofmt=jpeg
content-disposition: inline; filename=290x100_mega_nav4_resources.jpg
fastly-stats: io=1
content-length: 25883
x-request-id: 7646eca73975e84b60875b3a9c2fed1d
x-served-by: cache-sjc10033-SJC, cache-fra-etou8220157-FRA
x-runtime: 36ms
server: contentstack
x-timer: S1714582273.954116,VS0,VE1
x-contentstack-organization: blt848504a4924ca8db
etag: "J3lljs423xd5iHf5RMtOG2DoSQ61d/vuzRDhhlKLfTc"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 290x100_mega_nav_get_involved.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltbe97e5485d2294e7/6273dce33debbf3afdd2d898/ 30 KB
30 KB 33ms
33ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltbe97e5485d2294e7/6273dce33debbf3afdd2d898/290x100_mega_nav_get_involved.jpg
Requested by: Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 02341acfd22526ad4569d86455a9c94ab08194bd40f329df6577362aa9fe78ee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:12 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300701
x-cache: HIT, HIT
fastly-io-info: ifsz=40093 idim=290x100 ifmt=jpeg ofsz=30887 odim=290x100 ofmt=jpeg
content-disposition: inline; filename=290x100_mega_nav_get_involved.jpg
fastly-stats: io=1
content-length: 30887
x-request-id: 93a7ffdce421c51ad52024af011c2873
x-served-by: cache-sjc10077-SJC, cache-fra-etou8220157-FRA
x-runtime: 87ms
server: contentstack
x-timer: S1714582273.967820,VS0,VE1
x-contentstack-organization: blt848504a4924ca8db
etag: "M9g1vX/vuvTRmfGhW9YO83JI/S+4buwsymkaIHVUzWg"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 31, 0

GET
H2 200 290x100_mega_nav7_about_us.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltb48ea6f22e3c9a94/6273dce3d2794936634fa557/ 25 KB
26 KB 16ms
15ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltb48ea6f22e3c9a94/6273dce3d2794936634fa557/290x100_mega_nav7_about_us.jpg
Requested by: Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 0e7dcd24f724760d2fc0950cb5343c41a414499feb22339cb69d4a3101b2684b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:13 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300711
x-cache: HIT, HIT
fastly-io-info: ifsz=31505 idim=290x100 ifmt=jpeg ofsz=25821 odim=290x100 ofmt=jpeg
content-disposition: inline; filename=290x100_mega_nav7_about_us.jpg
fastly-stats: io=1
content-length: 25821
x-request-id: ed0758549423ba943983bb38271c2e66
x-served-by: cache-sjc1000125-SJC, cache-fra-etou8220157-FRA
x-runtime: 69ms
server: contentstack
x-timer: S1714582273.047989,VS0,VE2
x-contentstack-organization: blt848504a4924ca8db
etag: "CIRcbJFjAy7h9liVtoFgnwKLnwTXgjl/pfwHCIc9bdI"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 13, 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 351 KB
98 KB 106ms
51ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5T9DW3B

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ddfa26bf14efe88e1de024372df64e5e53a1d0b76a6d057c9bae815668dbd661

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99856
x-xss-protection: 0
last-modified: Wed, 01 May 2024 16:08:02 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 May 2024 16:51:13 GMT

GET
H2 200 470x382_Generic_Whitepaper.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt2a744c4ecef48376/60cd090707060a4ae3f13111/ 32 KB
33 KB 16ms
15ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt2a744c4ecef48376/60cd090707060a4ae3f13111/470x382_Generic_Whitepaper.jpg
Requested by: Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 276038bf07a548cb39b9d8067d1802deabbfa6b9e436cd84b6d5c2576e5fc15c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:13 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300712
x-cache: HIT, HIT
fastly-io-info: ifsz=43239 idim=470x382 ifmt=jpeg ofsz=33168 odim=470x382 ofmt=jpeg
content-disposition: inline; filename=470x382_Generic_Whitepaper.jpg
fastly-stats: io=1
content-length: 33168
x-request-id: 029dbafdfff28f1b720c61c643e50620
x-served-by: cache-sjc10077-SJC, cache-fra-etou8220157-FRA
x-runtime: 104ms
server: contentstack
x-timer: S1714582273.048172,VS0,VE2
x-contentstack-organization: blt848504a4924ca8db
etag: "EhIgDUyK+Jw9ytuUamj4YC1N+KyYz00ydhYe897NHrc"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 10, 0

GET
H2 200 470x382_Generic_Webcast2.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltee3b3f77b96e0d4b/60c7c9520504174955a968ec/ 32 KB
32 KB 53ms
52ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltee3b3f77b96e0d4b/60c7c9520504174955a968ec/470x382_Generic_Webcast2.jpg?auto=webp&width=600
Requested by: Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 71204bd68c9c9155bc74c1d5c18b4b0fa6110d23871f5bdd64ba15395da5d9df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:13 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300712
x-cache: HIT, HIT
fastly-io-info: ifsz=74757 idim=470x382 ifmt=jpeg ofsz=32260 odim=600x488 ofmt=webp
filename1: custom
content-disposition: inline; filename=470x382_Generic_Webcast2.webp
fastly-stats: io=1
content-length: 32260
x-request-id: d1fd9d1b3139c92dca5a5f3240e8644a
x-served-by: cache-sjc1000096-SJC, cache-fra-etou8220157-FRA
x-runtime: 146ms
server: contentstack
x-timer: S1714582273.048262,VS0,VE2
x-contentstack-organization: blt848504a4924ca8db
etag: "7+2oBQQFB8bKHyD++dIoutchM/uihL2ZLO572G9P8co"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 18, 0

GET
H2 200 CTI_Blog_part_1_(1).png
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt77d8f25534b9bfdc/659729c0dd0067d33f207940/ 34 KB
34 KB 192ms
191ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt77d8f25534b9bfdc/659729c0dd0067d33f207940/CTI_Blog_part_1_(1).png?auto=webp&width=600
Requested by: Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: e0d35335fe35e460b1152bbe03bb40df49e0c48a436fb558c698fb248c28370f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:13 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300704
x-cache: MISS, HIT
fastly-io-info: ifsz=32701 idim=340x340 ifmt=png ofsz=34630 odim=600x600 ofmt=webp
filename1: custom
content-disposition: inline; filename=CTI_Blog_part_1_(1).webp
fastly-stats: io=1
content-length: 34630
x-request-id: 21dbe773f8f4445a991ce83def9d7ea9
x-served-by: cache-sjc1000145-SJC, cache-fra-etou8220157-FRA
x-runtime: 82ms
server: contentstack
x-timer: S1714582273.048973,VS0,VE148
x-contentstack-organization: blt848504a4924ca8db
etag: "bMC+boTKggsahRJDkV/MFG5pkFk5mfodf105zJ6iNLw"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 John_Doyle_370x370.png
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt26da170951f872bc/607854e2dbce59715a7d47a8/ 1 MB
1 MB 86ms
85ms Image
image/png 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt26da170951f872bc/607854e2dbce59715a7d47a8/John_Doyle_370x370.png
Requested by: Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 0750b36f4e287c9ebed2fe06077f4cfe3493c39f50f67d027c3d0fc948ae3d81

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:13 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300713
x-cache: HIT, HIT
fastly-io-info: ifsz=1456720 idim=1155x1155 ifmt=png ofsz=1315751 odim=1155x1155 ofmt=png
content-disposition: inline; filename=John_Doyle_370x370.png
fastly-stats: io=1
content-length: 1315751
x-request-id: d573e07cf1144879ae4e0e8cca6400c9
x-served-by: cache-sjc1000133-SJC, cache-fra-etou8220157-FRA
x-runtime: 117ms
server: contentstack
x-timer: S1714582273.049150,VS0,VE2
x-contentstack-organization: blt848504a4924ca8db
etag: "6xSlTwIFVAWFkj+FwqDBiH18EKjfqNfQMiuPQS+wAAQ"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 FOR589_Blog.png
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt0e9af19bd943106f/64eed68eaed033a7d611fe06/ 40 KB
40 KB 192ms
191ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt0e9af19bd943106f/64eed68eaed033a7d611fe06/FOR589_Blog.png?auto=webp&width=600
Requested by: Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: c8c81bafac4acf94b38b255c776f0e0413c57e121fa2bcbffa3380ed9ddaf0ee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:13 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300701
x-cache: HIT, MISS
fastly-io-info: ifsz=40613 idim=340x340 ifmt=png ofsz=40614 odim=600x600 ofmt=webp
filename1: custom
content-disposition: inline; filename=FOR589_Blog.webp
fastly-stats: io=1
content-length: 40614
x-request-id: 1f21253f7bfa9640adad6047add59e1a
x-served-by: cache-sjc1000140-SJC, cache-fra-etou8220157-FRA
x-runtime: 79ms
server: contentstack
x-timer: S1714582273.048690,VS0,VE150
x-contentstack-organization: blt848504a4924ca8db
etag: "IJnhqI+qE+kVaOJYgEG0E+B5TZyvMbtSUezUNaqLZR0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 Will_Thomas_370x370.png
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blte03dce4541a817e9/633da36eeded0211051c454b/ 187 KB
187 KB 13ms
12ms Image
image/png 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blte03dce4541a817e9/633da36eeded0211051c454b/Will_Thomas_370x370.png
Requested by: Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 0b86c8f6875ce1bfab969517f9ffdab0ffa869e8a66b878dfcc871a4944bfd44

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:13 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300710
x-cache: HIT, HIT
fastly-io-info: ifsz=219125 idim=370x370 ifmt=png ofsz=191551 odim=370x370 ofmt=png
content-disposition: inline; filename=Will_Thomas_370x370.png
fastly-stats: io=1
content-length: 191551
x-request-id: 249942e2680c37f83b736e5e63bbc019
x-served-by: cache-sjc10075-SJC, cache-fra-etou8220157-FRA
x-runtime: 121ms
server: contentstack
x-timer: S1714582273.048540,VS0,VE1
x-contentstack-organization: blt848504a4924ca8db
etag: "jqm0+15c2HAlTtzhSRiqCaaa6o4V5FRJRBFgUzy66wU"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 4, 0

GET
H2 200 Linux.png
images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltefb7fef0e5c1ded8/655bb77c7e63e3767110d231/ 24 KB
25 KB 53ms
52ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltefb7fef0e5c1ded8/655bb77c7e63e3767110d231/Linux.png?auto=webp&width=600
Requested by: Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: f31a7dece057bfeb247df8850b0727a178f3831eb8185a7b788258183f62d99f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:13 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300705
x-cache: HIT, HIT
fastly-io-info: ifsz=26778 idim=340x340 ifmt=png ofsz=24688 odim=600x600 ofmt=webp
filename1: custom
content-disposition: inline; filename=Linux.webp
fastly-stats: io=1
content-length: 24688
x-request-id: d923edb3a9230abb2faaf34017516fa7
x-served-by: cache-sjc1000147-SJC, cache-fra-etou8220157-FRA
x-runtime: 88ms
server: contentstack
x-timer: S1714582273.048840,VS0,VE2
x-contentstack-organization: blt848504a4924ca8db
etag: "z5TfQr6zmghpxa/iKIboL7JMGaMyitNa/57cro2LsDM"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 12, 0

GET
H2 200 Taz_Wake_2.png
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blta2d39252163fc73d/5f4c3913d3f9000eac80c048/ 110 KB
110 KB 86ms
85ms Image
image/png 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blta2d39252163fc73d/5f4c3913d3f9000eac80c048/Taz_Wake_2.png
Requested by: Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 6cbd4a2c3b067e04dda531bfbe0372fa55637e8696cabccd0f8d9f60a9bec5ed

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:13 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300710
x-cache: HIT, HIT
fastly-io-info: ifsz=128417 idim=370x370 ifmt=png ofsz=112395 odim=370x370 ofmt=png
content-disposition: inline; filename=Taz_Wake_2.png
fastly-stats: io=1
content-length: 112395
x-request-id: 5b766bd1e44a7b8a86d7e29d3e9bee37
x-served-by: cache-sjc1000142-SJC, cache-fra-etou8220157-FRA
x-runtime: 130ms
server: contentstack
x-timer: S1714582273.049147,VS0,VE2
x-contentstack-organization: blt848504a4924ca8db
etag: "6AwesgEhfI7EXBT0ufDSbBlyqqDpBJBkpG6Yxjj5iUo"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 4, 0

GET
H/1.1 200
OK / Show response
addsearch.com/js/ 2 KB
981 B 154ms
41ms Script
application/javascript 99.80.22.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://addsearch.com/js/?key=58b8a4a0d3818cf198ff88f660f8f8f9
Requested by: Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.22.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-22-109.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 83021753e5bc9037bee029abe41132e6a12226591b7e1a705cdfd33433fadc59

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 16:51:13 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 734

GET
H2 200 _Incapsula_Resource Show response
www.sans.org/ 147 KB
21 KB 857ms
857ms Script
application/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1904179135

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1fb210b87e6e34f3c2b9317eb42355d8a787bf8f40fe7b3a61aee80f79b00438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 21200
x-xss-protection: 1; mode=block

GET
H3 200 sp.min.js Show response
cdn.jsdelivr.net/npm/@snowplow/javascript-tracker@3.5.0/dist/ 73 KB
25 KB 64ms
40ms Script
application/javascript 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@snowplow/javascript-tracker@3.5.0/dist/sp.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T9DW3B

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76039a26bb3656600240ac08bc5f0ce450661977af129ab9c746ea4efe45a1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4234098
x-jsd-version: 3.5.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA, cache-lga21923-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"12364-F9/xW8QJROE2aN3C47q1tjOoX0s"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XXPuIS3s5S9ccCcPsqOW2IaCeggX1v9W4bWPZ%2F4JTl%2FOG89em%2B5z2LpFgvcfSfvgXwqF5IkN8Vr2UBCWOz5CJIpgrxZA1bUrp8b%2BTQ1VrZuodRbmxLlOBmTqFB%2BeOnQIX9o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 87d14667cc575c98-FRA

OPTIONS
H2 204 tp2
api.sans.org/event-stream/collect/snowplow/com.snowplowanalytics.snowplow/ Frame 0
0 381ms
330ms Preflight
application/json 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sans.org/event-stream/collect/snowplow/com.snowplowanalytics.snowplow/tp2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; upgrade-insecure-requests;
Strict-Transport-Security	includeSubdomains; preload; max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.sans.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Referer,User-Agent,sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.sans.org
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; upgrade-insecure-requests;
content-type: application/json
date: Wed, 01 May 2024 16:51:13 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: includeSubdomains; preload; max-age=31536000
vary: Origin
x-amz-apigw-id: XGboTE9qIAMFh6g=
x-amzn-requestid: 39458fe0-37b5-47db-bc8f-d0fc4dfe3cb0
x-amzn-trace-id: Root=1-66327301-43d3669e5dcf1c08328c029d
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-iinfo: 5-40235930-40235935 NNNN CT(95 98 0) RT(1714582272779 18) q(0 1 2 0) r(4 4) U24
x-incap-sess-cookie-hdr: Rc8tPTsgAzO3dcfffbF/AQFzMmYAAAAAO5sqlNleDLBIE1fFTQEObw==
x-xss-protection: 1; mode=block

GET
H2 200 logo-sans.b079cf5.svg
www.sans.org/white-papers/_nuxt/img/ 2 KB
1 KB 1806ms
1805ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/white-papers/_nuxt/img/logo-sans.b079cf5.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/_nuxt/css/de89dab.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

270c7730866f5d37bab8443a31e750df47bda9669b9637d1a0854b89e325980f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/_nuxt/css/de89dab.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44734664 2VNN RT(1714582271757 794) q(0 5 5 -1) r(10 10)
content-length: 1002
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Apr 2024 20:20:34 GMT
etag: W/"ed1f8c8067d5db7c3924613d1af02eff"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:43 GMT

GET
DATA 200
OK truncated
/ 342 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b698a7613b5699ab82438105b51d1391ffa6103ce23ad2068e7f66479d1e2baf

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 menu-chevron.510467e.svg
www.sans.org/white-papers/_nuxt/img/ 1 KB
1 KB 2107ms
2107ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/white-papers/_nuxt/img/menu-chevron.510467e.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/_nuxt/css/de89dab.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

78ca04ceaa354592535991dc60ee768438f0ee7ced1224c5b8e8bd5e5a24898c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/_nuxt/css/de89dab.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44737928 2VNN RT(1714582271757 797) q(0 13 13 -1) r(17 17)
content-length: 695
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Apr 2024 20:20:34 GMT
etag: W/"e41be18adbcfd205935e1869c7d110dc"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:44 GMT

GET
H2 200 search-icon-blue.2982038.svg
www.sans.org/white-papers/_nuxt/img/ 1 KB
745 B 2718ms
2718ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/white-papers/_nuxt/img/search-icon-blue.2982038.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/_nuxt/css/de89dab.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0291038e1dab29b2b5d6ee42c102c6249b47e141ac84a88e5b335236474ac129

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/_nuxt/css/de89dab.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44734368 2VNN RT(1714582271757 802) q(0 17 17 -1) r(17 17)
content-length: 618
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Apr 2024 20:20:34 GMT
etag: W/"32c818c97941c024172c43d7db55b330"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:44 GMT

GET
DATA 200
OK truncated
/ 532 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ddf1c3008869a04f57100949a5540f5cd285d893181070e68ae3d051e97c290

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 arrow-thin-right.4f7feec.svg
www.sans.org/white-papers/_nuxt/img/ 2 KB
1 KB 2716ms
2716ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/white-papers/_nuxt/img/arrow-thin-right.4f7feec.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/_nuxt/css/de89dab.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a03e27429c0cd9800688f0f1b05e63e24aca8f15730bf883be67e38b71ccc7fd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/_nuxt/css/de89dab.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44738101 2VNN RT(1714582271757 803) q(0 17 17 -1) r(17 17)
content-length: 932
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Apr 2024 20:20:34 GMT
etag: W/"d695c952b933929c6567d3d061f0f955"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:44 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v11/ 44 KB
44 KB 118ms
71ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/_nuxt/css/de89dab.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Origin: https://www.sans.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 23:08:41 GMT
x-content-type-options: nosniff
age: 150152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45416
x-xss-protection: 0
last-modified: Mon, 22 Jul 2019 19:26:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Apr 2025 23:08:41 GMT

GET
H2 200 ClearSans-Regular.e91449d.woff
www.sans.org/white-papers/_nuxt/fonts/ 128 KB
128 KB 1009ms
1009ms Font
font/woff 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/white-papers/_nuxt/fonts/ClearSans-Regular.e91449d.woff

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/_nuxt/css/de89dab.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d4fe9aaa99bae15c3c5a8f13ff68bfea4bb63c488962c4a0d4fdff717884553c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/_nuxt/css/de89dab.css
Origin: https://www.sans.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-cdn: Imperva
x-iinfo: 14-44737775-44737928 2VNN RT(1714582271757 819) q(0 2 2 -1) r(5 5)
content-length: 130846
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 02 Apr 2024 04:30:51 GMT
etag: "2ea640a7b9802752b71fa6564b2d22ca"
expect-ct: max-age=86400, enforce
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: font/woff
cache-control: max-age=30, public
x-incap-sess-cookie-hdr: /jTYcTkxaG4EjU428IeREgFzMmYAAAAAs+4fxJ3vI8qnvhwa75kkgg==
expires: Wed, 01 May 2024 16:51:43 GMT

GET
H2 200 ClearSans-Bold.6667568.woff
www.sans.org/white-papers/_nuxt/fonts/ 114 KB
114 KB 1779ms
1778ms Font
font/woff 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/white-papers/_nuxt/fonts/ClearSans-Bold.6667568.woff

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/_nuxt/css/de89dab.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

11ebec2c6b408cc5c74f54ce352588752464a82e6322e9a209dcfe6e0dfef533

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/_nuxt/css/de89dab.css
Origin: https://www.sans.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-cdn: Imperva
x-iinfo: 14-44737775-44734641 2VNN RT(1714582271757 821) q(0 5 5 -1) r(10 10)
content-length: 116584
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Apr 2024 20:20:34 GMT
etag: "4cf6f681b05ddc6375e51c804a496fe2"
expect-ct: max-age=86400, enforce
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: font/woff
cache-control: max-age=30, public
x-incap-sess-cookie-hdr: CKHKLn0l9DIEjU428IeREgFzMmYAAAAAQcuzkaXC5Iul9PJoI+rZnw==
expires: Wed, 01 May 2024 16:51:43 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v11/ 46 KB
46 KB 74ms
27ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/_nuxt/css/de89dab.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Origin: https://www.sans.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:50:49 GMT
x-content-type-options: nosniff
age: 118824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46988
x-xss-protection: 0
last-modified: Mon, 22 Jul 2019 19:27:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 07:50:49 GMT

GET
H2 200 jizYRExUiTo99u79D0e0x8mI.woff2
fonts.gstatic.com/s/ptsans/v11/ 41 KB
42 KB 100ms
54ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizYRExUiTo99u79D0e0x8mI.woff2

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/_nuxt/css/de89dab.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a90c9a418d43701a0a915c62bdb57f7e5015dfc10654aef67179fc32652ec0f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Origin: https://www.sans.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:54:28 GMT
x-content-type-options: nosniff
age: 118605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42460
x-xss-protection: 0
last-modified: Mon, 22 Jul 2019 19:28:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 07:54:28 GMT

POST
H2 201 tp2 Show response
api.sans.org/event-stream/collect/snowplow/com.snowplowanalytics.snowplow/ 0
990 B 449ms
427ms XHR
application/json 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sans.org/event-stream/collect/snowplow/com.snowplowanalytics.snowplow/tp2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@snowplow/javascript-tracker@3.5.0/dist/sp.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; upgrade-insecure-requests;
Strict-Transport-Security	includeSubdomains; preload; max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 01 May 2024 16:51:14 GMT
strict-transport-security: includeSubdomains; preload; max-age=31536000
x-content-type-options: nosniff
x-amzn-remapped-content-length: 0
x-cdn: Imperva
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; upgrade-insecure-requests;
x-amzn-requestid: 80e36ff7-bc94-4263-bc8b-d31c2f441feb
x-amzn-remapped-connection: keep-alive
x-iinfo: 2-20705748-20705750 NNNN CT(99 101 0) RT(1714582273139 13) q(0 0 2 0) r(3 3) U24
x-amz-apigw-id: XGboXFwyIAMF3qQ=
content-length: 0
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amzn-trace-id: Root=1-66327302-052f7e20467d9dec4a75c912
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.sans.org
x-incap-sess-cookie-hdr: NYWUejmOXmS3dcfffbF/AQFzMmYAAAAAwE4NsUh1zoHdczlB9yKduA==
access-control-allow-credentials: true
x-amzn-remapped-date: Wed, 01 May 2024 16:51:14 GMT

GET
H2 200 exclamation-mark.c61735f.svg
www.sans.org/white-papers/_nuxt/img/ 2 KB
1 KB 1768ms
1768ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/white-papers/_nuxt/img/exclamation-mark.c61735f.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/_nuxt/css/49e3701.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0d11ae3f3c3f0afcbe2ca62d5d48241eb1962b2b97fe8c07cc77df0bbb99f0dc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/_nuxt/css/49e3701.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44713113 2VNN RT(1714582271757 1754) q(0 7 7 -1) r(7 7)
content-length: 927
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Apr 2024 20:20:34 GMT
etag: W/"fca4747fafd54c9653df531b821ff442"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:44 GMT

GET
DATA 200
OK truncated
/ 393 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76c012e96cafc2f8164187f50e7b89e8ff8dfe5260c1c0dda06275a5f4ebecd4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 twitter.2581532.svg
www.sans.org/white-papers/_nuxt/img/ 2 KB
1 KB 1769ms
1769ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/white-papers/_nuxt/img/twitter.2581532.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/_nuxt/css/49e3701.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6f2b9b7cbdf27e8f4d2a8d9d6a8ddf2eb1149e2b0f79a85027ff04d1cebe5521

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/_nuxt/css/49e3701.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44734675 2VNN RT(1714582271757 1759) q(0 7 7 -1) r(10 10)
content-length: 1066
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Apr 2024 20:20:34 GMT
etag: W/"8c117eab8d06960b213ade4a41c53621"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:44 GMT

GET
H2 200 linkedin.fb73d70.svg
www.sans.org/white-papers/_nuxt/img/ 1 KB
803 B 1770ms
1770ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/white-papers/_nuxt/img/linkedin.fb73d70.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/_nuxt/css/49e3701.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a45aa8ee64d02baed1f62b6d8d2fcc1e87599ab85f729375d8eff8a6a3765b0b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/_nuxt/css/49e3701.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44733604 2VNN RT(1714582271757 1762) q(0 7 7 -1) r(10 10)
content-length: 677
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Apr 2024 20:20:34 GMT
etag: W/"554a990bf4270e25d1a77ebc2c9e68a6"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:44 GMT

GET
H2 200 facebook.52f4f16.svg
www.sans.org/white-papers/_nuxt/img/ 1 KB
722 B 1771ms
1771ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/white-papers/_nuxt/img/facebook.52f4f16.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/_nuxt/css/49e3701.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

069231b573c1732783d33f721171bf0ec5b3ca5542330812deedd60da67f46cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/_nuxt/css/49e3701.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44734641 2VNN RT(1714582271757 1766) q(0 13 13 -1) r(14 14)
content-length: 594
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Apr 2024 20:20:34 GMT
etag: W/"a9781eefe35e6e6969555f5286f9bf26"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:44 GMT

GET
H2 200 share.1b2e1d9.svg
www.sans.org/white-papers/_nuxt/img/ 2 KB
1 KB 1772ms
1772ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/white-papers/_nuxt/img/share.1b2e1d9.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/_nuxt/css/49e3701.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

872fb329acdd644c07d450ed141fcf32c93dca871fb970390bc5d29780d8679f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/_nuxt/css/49e3701.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44713113 2VNN RT(1714582271757 1770) q(0 13 13 -1) r(14 14)
content-length: 932
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Apr 2024 20:20:34 GMT
etag: W/"b3cefd935ed7ecc76bf840598ca97b7f"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:44 GMT

GET
H2 200 next-grey.93bc860.svg
www.sans.org/white-papers/_nuxt/img/ 1 KB
877 B 1774ms
1774ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/white-papers/_nuxt/img/next-grey.93bc860.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/_nuxt/css/005987b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

df6379fe8c34adfb99a5983b564a2c050fde0b61244171c78ebdf08109379603

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/_nuxt/css/005987b.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44733604 2VNN RT(1714582271757 1776) q(0 13 13 -1) r(14 14)
content-length: 725
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Apr 2024 20:20:34 GMT
etag: W/"87d2e36c53ab1a37eef9729d41c619e5"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:44 GMT

GET
H2 200 twitter-blue.e6b7ff2.svg
www.sans.org/white-papers/_nuxt/img/ 2 KB
1 KB 1772ms
1771ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/white-papers/_nuxt/img/twitter-blue.e6b7ff2.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/_nuxt/css/49e3701.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d59cda6ae875b8433274d066cfe5d5d42aa5090755abac3a48b5939bfa79bf2e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/_nuxt/css/49e3701.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44731773 2VNN RT(1714582271757 1779) q(0 13 13 -1) r(14 14)
content-length: 1072
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Apr 2024 20:20:34 GMT
etag: W/"9bef969fb863c4281c00bb1211092cb8"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:44 GMT

GET
H2 200 facebook-blue.fbb90bb.svg
www.sans.org/white-papers/_nuxt/img/ 1 KB
734 B 1773ms
1772ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/white-papers/_nuxt/img/facebook-blue.fbb90bb.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/_nuxt/css/49e3701.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c00f9dc81a56d6a9ff84c25d8c7f22c3712dd8fee84754e2a6ae44182c091996

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/_nuxt/css/49e3701.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44738248 2VNN RT(1714582271757 1782) q(0 13 13 -1) r(13 14)
content-length: 607
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Apr 2024 20:20:34 GMT
etag: W/"93defae861d9dfebc162c3e80e2b8a60"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:44 GMT

GET
H2 200 youtube-blue.531e101.svg
www.sans.org/white-papers/_nuxt/img/ 4 KB
2 KB 1775ms
1774ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/white-papers/_nuxt/img/youtube-blue.531e101.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/_nuxt/css/49e3701.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

76e987438e99c6477838308a149d379d791c4e9692e53f15627d68b5d93cd999

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/_nuxt/css/49e3701.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44738101 2VNN RT(1714582271757 1785) q(0 13 13 -1) r(14 14)
content-length: 1761
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Apr 2024 20:20:34 GMT
etag: W/"89a0b71d2580a9e3806d565f33d22b99"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:44 GMT

GET
H2 200 linkedin-blue.6a18be7.svg
www.sans.org/white-papers/_nuxt/img/ 1 KB
807 B 1775ms
1775ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/white-papers/_nuxt/img/linkedin-blue.6a18be7.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/_nuxt/css/49e3701.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3332992e96bc009b7a3acfd8484ea65a8b07649aad73abbac8d4973952d93604

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/_nuxt/css/49e3701.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44734675 2VNN RT(1714582271757 1787) q(0 14 14 -1) r(14 14)
content-length: 679
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Apr 2024 20:20:34 GMT
etag: W/"26f7a680215b7b77cd63af3eb0821b91"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:44 GMT

GET
H/1.1 200
OK / Show response
addsearch.com/searchui/v3/ 55 KB
14 KB 65ms
65ms Script
application/javascript 99.80.22.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://addsearch.com/searchui/v3/?key=58b8a4a0d3818cf198ff88f660f8f8f9&i=
Requested by: Host: addsearch.com
URL: https://addsearch.com/js/?key=58b8a4a0d3818cf198ff88f660f8f8f9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.22.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-22-109.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3ea8127fbb19569a3ee05a621e3fa9d4e339b9bea1c937a4b79542ecd14ebe84

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 01 May 2024 16:51:14 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H2 200 _Incapsula_Resource
www.sans.org/ 1 B
41 B 1061ms
1061ms Image
text/plain 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/_Incapsula_Resource?SWKMTFSR=1&e=0.5202614446067333

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: text/plain
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
x-xss-protection: 1; mode=block

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/ 20 KB
7 KB 53ms
36ms Script
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T9DW3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c1d20eedda5c5fd996d82d5d3b87a3a6da24735fe96458bff21d13d3cc1d1e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 May 2024 16:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 73308
content-md5: 1C7BuQ3LGAlBcdxyvs3Sgw==
content-length: 6884
x-ms-lease-status: unlocked
last-modified: Wed, 13 Dec 2023 19:33:16 GMT
server: cloudflare
etag: 0x8DBFC125A8AF7EA
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5fe8acfe-a01e-009f-33fb-2d7581000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87d1466eba1c18d7-FRA
expires: Thu, 02 May 2024 16:51:14 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 b943c60c-995d-4bbc-943e-56b9f742642c.json Show response
cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/ 5 KB
2 KB 87ms
60ms XHR
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/b943c60c-995d-4bbc-943e-56b9f742642c.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35f5a03311e00163c04e1feaed930f92468fec214b0c7df2915eeb4391d87c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 May 2024 16:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 39964
content-md5: DcfiEr2v06NzyzkGlFWWYA==
content-length: 1721
x-ms-lease-status: unlocked
last-modified: Wed, 13 Dec 2023 19:33:16 GMT
server: cloudflare
etag: 0x8DBFC125A8AA9D4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3bbcd25e-b01e-0058-3c57-79e1dc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87d1466f2de965df-FRA
expires: Thu, 02 May 2024 16:51:14 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
306 B 73ms
33ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
accept: application/json
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 87d1466fcf85927a-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202311.1.0/ 427 KB
103 KB 22ms
21ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35b480df2d3690b7262690598f87598bc6e3ab6303e94911f2c1b77a721d7b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 May 2024 16:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: VX4GCwjZuARQMrKdtn0EoA==
age: 82226
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 105136
x-ms-lease-status: unlocked
last-modified: Wed, 06 Mar 2024 17:32:15 GMT
server: cloudflare
etag: 0x8DC3E035D45F30B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e0e65e29-a01e-00a0-1a5a-70bd22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87d1466ffb9518d7-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/62b7bc3f-bec8-467f-8c63-dc25b1746d27/ 60 KB
15 KB 31ms
30ms Fetch
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/62b7bc3f-bec8-467f-8c63-dc25b1746d27/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b47d7a627162cd0e68a6afa7c140cdc2cf1324bb03e4d9d23ae880121aae92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 May 2024 16:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 36488
content-md5: w2iatU1xF63gjOQ4uTHrhQ==
content-length: 14706
x-ms-lease-status: unlocked
last-modified: Wed, 13 Dec 2023 19:33:20 GMT
server: cloudflare
etag: 0x8DBFC125CFB2796
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 380b3180-a01e-006b-2157-79be77000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87d146703f6265df-FRA
expires: Thu, 02 May 2024 16:51:14 GMT

GET
H2 200 otFloatingRoundedIcon.json Show response
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/ 16 KB
4 KB 21ms
21ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otFloatingRoundedIcon.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc8c8031a5ede4d5c2c26b4cdee74bc0e29e2c8a1c6e6062b7a0a8337abfcb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 May 2024 16:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 6X8Y/xb1eFFrWo3MDi/sjw==
age: 75701
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3829
x-ms-lease-status: unlocked
last-modified: Wed, 06 Mar 2024 17:32:08 GMT
server: cloudflare
etag: 0x8DC3E03597C5A4C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2fcfb04a-c01e-000f-057e-704fef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 87d146707fb765df-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/ 21 KB
4 KB 28ms
28ms Fetch
text/css 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 May 2024 16:51:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 77444
x-ms-lease-status: unlocked
last-modified: Wed, 06 Mar 2024 17:32:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6bd7188f-c01e-0089-581d-708356000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 87d146707fb865df-FRA

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
599 B 24ms
24ms Image
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 01 May 2024 16:51:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 4652
x-ms-lease-status: unlocked
last-modified: Tue, 30 Apr 2024 06:34:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: f51b0f30-301e-0046-4177-9b0d04000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 87d14670bc5b18d7-FRA

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
854 B 193ms
18ms Script
text/javascript 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/_nuxt/d92ff56.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

d201cf8b7ff686b19cef2f3477defc4a9f49c472fd26bd0ca530059f3b656532

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 01 May 2024 16:51:16 GMT

GET
H2 200 88c55f1.js Show response
www.sans.org/white-papers/_nuxt/ 68 KB
22 KB 277ms
276ms Script
text/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/white-papers/_nuxt/88c55f1.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/_nuxt/de6d357.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3fbc99b9b3ffd6238139976e869e4ef9f840eb42b6f3f4591eaebab21df4f97d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44734675 2VNN RT(1714582271757 3715) q(0 0 0 -1) r(1 1)
content-length: 21796
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 Apr 2024 20:20:33 GMT
etag: W/"97049710181c86e2f2b377e2ab04b8b4"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: text/javascript
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:45 GMT

GET
H2 200 85d3e52.js Show response
www.sans.org/white-papers/_nuxt/ 763 KB
39 KB 302ms
302ms Script
text/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/white-papers/_nuxt/85d3e52.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/white-papers/_nuxt/de6d357.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1461c18eb3b82b4c0b9ac5568a7b29810f95d801a16673efb06026fc89f1ed35

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/white-papers/who-what-where-when-why-how-effective-threat-hunting/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
x-iinfo: 14-44737775-44738101 2VNN RT(1714582271757 3722) q(0 0 0 -1) r(1 1)
content-length: 40133
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 Apr 2024 17:27:25 GMT
etag: W/"5a8e8ea337b0731460c974312bb2f9b5"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: Security Headers PathFactory set XFRAMEOPTS
content-type: text/javascript
cache-control: max-age=30, public
expires: Wed, 01 May 2024 16:51:45 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/ 509 KB
203 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Origin: https://www.sans.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 20:48:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207268
x-xss-protection: 0
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Apr 2025 20:48:42 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 1A3D 0
0 56ms
34ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRaE8aAAAAAOB9CLy-hHWeafmpvmYkeMpCXrWO&co=aHR0cHM6Ly93d3cuc2Fucy5vcmc6NDQz&hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=5p74z969ej0y

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tN3p59hmgS1RRvzEp-TI5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.sans.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-tN3p59hmgS1RRvzEp-TI5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 01 May 2024 16:51:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 cropped-SANS-Blue-Square-32x32.png
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt2f0555dca45e068f/60a7f26ea450c25ac83cf8f6/ 935 B
1 KB 36ms
36ms Other
image/png 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt2f0555dca45e068f/60a7f26ea450c25ac83cf8f6/cropped-SANS-Blue-Square-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: bedaa7c98fc593dbe10a8d3825cb9910f8436dfb90450fda921ba2966a2c740e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 16:51:16 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300709
age: 534970
x-cache: HIT, HIT
fastly-io-info: ifsz=1126 idim=32x32 ifmt=png ofsz=935 odim=32x32 ofmt=png
content-disposition: inline; filename=cropped-SANS-Blue-Square-32x32.png
fastly-stats: io=1
content-length: 935
x-request-id: f65d6307708d773336117cc45ae9a153
x-served-by: cache-sjc10040-SJC, cache-fra-etou8220157-FRA
x-runtime: 108ms
server: contentstack
x-timer: S1714582277.647165,VS0,VE2
x-contentstack-organization: blt848504a4924ca8db
etag: "0UgNkq5Vh0vzcW4qaVHRvvhAOXYsvromPAg0fKVporo"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 32, 1

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sans.org/	1970-01-21 05:01:21	Name: visid_incap_1329355 Value: G+rVAoqmTlS/ywLvrjfVgP9yMmYAAAAAQUIPAAAAAACjskdhCqXI/RyRGiC0m2Fy
.sans.org/	1969-12-31 23:59:59	Name: nlbi_1329355_2448318 Value: j153Z8uFLAUesXB0OuH6GQAAAABdpTlJwqJfxi4Bc3M9BOgp
.sans.org/	1969-12-31 23:59:59	Name: incap_ses_1338_1329355 Value: 01bXf4uKMkoEjU428IeREgBzMmYAAAAAh7rNzACX2OGxjgtnEi8AtA==
.sans.org/	1970-01-20 20:16:24	Name: spses.6b32 Value: *
.sans.org/	1970-01-21 05:52:22	Name: spid.6b32 Value: 56d4f48a-ed44-4923-b033-7b3b7b9f0cdd.1714582273.1.1714582273..b707c843-7838-46a2-9f5a-f4170fed55e0..ef32d64e-d0e3-4d08-9290-9d34cf079853.1714582273313.1
api.sans.org/	1970-01-21 05:00:52	Name: visid_incap_2809573 Value: nMHSOO27R/GgfZLnpHJ7vgBzMmYAAAAAQUIPAAAAAADv/VbSa5yDdArRpuX9vn/J
api.sans.org/	1969-12-31 23:59:59	Name: nlbi_2809573_2682479 Value: SqcgWAPTRhvkL/Fr4LPcvAAAAAByfug/Wwf5iJvJx4IUuKWy
api.sans.org/	1969-12-31 23:59:59	Name: incap_ses_108_2809573 Value: rBbHAE61LTW3dcfffbF/AQFzMmYAAAAAd+RaButCbJNH5Y0njN+e/A==
.sans.org/	1970-01-21 05:01:58	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+May+01+2024+18%3A51%3A14+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202311.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.sans.org%2Fwhite-papers%2Fwho-what-where-when-why-how-effective-threat-hunting%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://qa-www.sans.org https://uat-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Security Headers PathFactory set XFRAMEOPTS
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

addsearch.com
api.sans.org
cdn.cookielaw.org
cdn.evgnet.com
cdn.jsdelivr.net
fonts.gstatic.com
geolocation.onetrust.com
images.contentstack.io
www.google.com
www.googletagmanager.com
www.gstatic.com
www.sans.org
104.16.88.20
142.250.186.68
151.101.192.114
151.101.194.137
2606:4700:4400::ac40:9b77
2606:4700::6813:b234
2a00:1450:4001:810::2003
2a00:1450:4001:81d::2003
2a00:1450:4001:82f::2008
45.60.31.34
45.60.33.34
99.80.22.109
02341acfd22526ad4569d86455a9c94ab08194bd40f329df6577362aa9fe78ee
0291038e1dab29b2b5d6ee42c102c6249b47e141ac84a88e5b335236474ac129
069231b573c1732783d33f721171bf0ec5b3ca5542330812deedd60da67f46cd
0750b36f4e287c9ebed2fe06077f4cfe3493c39f50f67d027c3d0fc948ae3d81
0b86c8f6875ce1bfab969517f9ffdab0ffa869e8a66b878dfcc871a4944bfd44
0d11ae3f3c3f0afcbe2ca62d5d48241eb1962b2b97fe8c07cc77df0bbb99f0dc
0ddf1c3008869a04f57100949a5540f5cd285d893181070e68ae3d051e97c290
0e7dcd24f724760d2fc0950cb5343c41a414499feb22339cb69d4a3101b2684b
11ebec2c6b408cc5c74f54ce352588752464a82e6322e9a209dcfe6e0dfef533
13ff46c3a5a5eb2a41987ae6523ae4c6f19cfe71b5c3dcb65fd6220611af4007
1461c18eb3b82b4c0b9ac5568a7b29810f95d801a16673efb06026fc89f1ed35
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
1fb210b87e6e34f3c2b9317eb42355d8a787bf8f40fe7b3a61aee80f79b00438
1fd84bd8129308edc2d7fecf9c57adea9dec0362a5e79941292d54c2f05a616c
20e7bd79260fbbf86c0c18a81842efac002d63fb607896238708c6e671c756f0
270c7730866f5d37bab8443a31e750df47bda9669b9637d1a0854b89e325980f
271041286edae3fbc302109871606bb35c3249d9135032adea1020206a4b0a2a
276038bf07a548cb39b9d8067d1802deabbfa6b9e436cd84b6d5c2576e5fc15c
3332992e96bc009b7a3acfd8484ea65a8b07649aad73abbac8d4973952d93604
352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824
35b480df2d3690b7262690598f87598bc6e3ab6303e94911f2c1b77a721d7b49
35f5a03311e00163c04e1feaed930f92468fec214b0c7df2915eeb4391d87c1d
37cba10e43067a0214b42d54d09875849f601a914a463c0c1fcacd299070396b
3ea8127fbb19569a3ee05a621e3fa9d4e339b9bea1c937a4b79542ecd14ebe84
3faf06748feaa1c7bc8d9d84d262d209c9c47005cbc5be246743b32e2490d7f8
3fbc99b9b3ffd6238139976e869e4ef9f840eb42b6f3f4591eaebab21df4f97d
5c95b68a208615906d736372f2e205cab00616779807ba075688eac75dec91e2
6cbd4a2c3b067e04dda531bfbe0372fa55637e8696cabccd0f8d9f60a9bec5ed
6f2b9b7cbdf27e8f4d2a8d9d6a8ddf2eb1149e2b0f79a85027ff04d1cebe5521
71204bd68c9c9155bc74c1d5c18b4b0fa6110d23871f5bdd64ba15395da5d9df
71dfd7e080f70c7f0fcd4264a8791ceebe5e54467c4ef827b1bbdd1ddc3dd10a
76039a26bb3656600240ac08bc5f0ce450661977af129ab9c746ea4efe45a1a0
76c012e96cafc2f8164187f50e7b89e8ff8dfe5260c1c0dda06275a5f4ebecd4
76e987438e99c6477838308a149d379d791c4e9692e53f15627d68b5d93cd999
78ca04ceaa354592535991dc60ee768438f0ee7ced1224c5b8e8bd5e5a24898c
7d30435414031894c25be74ea98bde63a851f84e547ea6d942b21f1f0a37e233
83021753e5bc9037bee029abe41132e6a12226591b7e1a705cdfd33433fadc59
872fb329acdd644c07d450ed141fcf32c93dca871fb970390bc5d29780d8679f
8c1d20eedda5c5fd996d82d5d3b87a3a6da24735fe96458bff21d13d3cc1d1e1
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
9b47d7a627162cd0e68a6afa7c140cdc2cf1324bb03e4d9d23ae880121aae92b
a03e27429c0cd9800688f0f1b05e63e24aca8f15730bf883be67e38b71ccc7fd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0aa5707b114579a33f6bd2f1e5bdb28399e0a76431d31c34733664a8b6e2b8f
a45aa8ee64d02baed1f62b6d8d2fcc1e87599ab85f729375d8eff8a6a3765b0b
a90c9a418d43701a0a915c62bdb57f7e5015dfc10654aef67179fc32652ec0f2
ae107cd5722aa33897a1101d53d93b6f3a7d1c8671db74fdc31efcbcd2b8f6a7
b698a7613b5699ab82438105b51d1391ffa6103ce23ad2068e7f66479d1e2baf
bedaa7c98fc593dbe10a8d3825cb9910f8436dfb90450fda921ba2966a2c740e
c00f9dc81a56d6a9ff84c25d8c7f22c3712dd8fee84754e2a6ae44182c091996
c1236d3af38b7d049eca1f27f6b2a7acedbf1d6168cee99138ab4730a24fdd6d
c8c81bafac4acf94b38b255c776f0e0413c57e121fa2bcbffa3380ed9ddaf0ee
caa444fa4d5426cce13cb0acadb50ce936d84d5db1ce548e57ea08e821eaba8b
d201cf8b7ff686b19cef2f3477defc4a9f49c472fd26bd0ca530059f3b656532
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d4fe9aaa99bae15c3c5a8f13ff68bfea4bb63c488962c4a0d4fdff717884553c
d532696d86d5b03028c2d0d4dada51ced0c4901fca1d7bf1ddcee22395dde785
d59cda6ae875b8433274d066cfe5d5d42aa5090755abac3a48b5939bfa79bf2e
dc8c8031a5ede4d5c2c26b4cdee74bc0e29e2c8a1c6e6062b7a0a8337abfcb6a
ddfa26bf14efe88e1de024372df64e5e53a1d0b76a6d057c9bae815668dbd661
df6379fe8c34adfb99a5983b564a2c050fde0b61244171c78ebdf08109379603
e0d35335fe35e460b1152bbe03bb40df49e0c48a436fb558c698fb248c28370f
e21342185261381f7c9afee6172a208478ee05a6f91b1ee5cdb232e2d9cdd5f0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96
e99599804aa0951f153c309e43b9cf3c29d37f61c77ca4c240165ed98002f18c
eb75fd16de0bedf424319bc277eea7167e0e00c48e89bc50682d4cca73b3d011
f31a7dece057bfeb247df8850b0727a178f3831eb8185a7b788258183f62d99f
f95f52515f60cd1be32de18964810a8db89779e765b9f00c7c0f41727650c152

www.sans.org Open in urlscan Pro 45.60.31.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

69 Requests

100 %HTTPS

42 %IPv6

10 Domains

12 Subdomains

13 IPs

4 Countries

3428 kBTransfer

8091 kBSize

9 Cookies

13 Outgoing links

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sans.org Open in urlscan Pro
45.60.31.34 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

100 %
HTTPS

42 %
IPv6

10
Domains

12
Subdomains

13
IPs

4
Countries

3428 kB
Transfer

8091 kB
Size

9
Cookies

69 HTTP transactions
4 data transactions