www.sans.org Open in urlscan Pro
45.60.31.34 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Submission: On June 06 via manual (June 6th 2024, 6:31:40 pm UTC) from CZ — Scanned from DE

Summary HTTP 99 Redirects Links 55 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 12 domains to perform 99 HTTP transactions. The main IP is 45.60.31.34, located in United States and belongs to INCAPSULA, US. The main domain is www.sans.org. The Cisco Umbrella rank of the primary domain is 151109.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q2 on May 30th 2024. Valid for: 6 months.

This is the only time www.sans.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	45.60.31.34 45.60.31.34	19551 (INCAPSULA) (INCAPSULA)
1	2a02:26f0:350... 2a02:26f0:3500:889::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.64.114 151.101.64.114	54113 (FASTLY) (FASTLY)
17	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
2	99.80.22.109 99.80.22.109	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
7	2606:4700::68... 2606:4700::6813:b134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	45.60.33.34 45.60.33.34	19551 (INCAPSULA) (INCAPSULA)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.23.100 172.217.23.100	15169 (GOOGLE) (GOOGLE)
8	172.217.18.14 172.217.18.14	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
99	16

34 45.60.31.34 (United States)

ASN19551 (INCAPSULA, US)

www.sans.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:889::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.114 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 151.101.2.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

images.contentstack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.22.109 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-22-109.eu-west-1.compute.amazonaws.com

addsearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.60.33.34 (United States)

ASN19551 (INCAPSULA, US)

api.sans.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.100 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f100.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	sans.org www.sans.org — Cisco Umbrella Rank: 151109 api.sans.org — Cisco Umbrella Rank: 343525	597 KB
18	youtube.com www.youtube.com — Cisco Umbrella Rank: 95	14 KB
17	contentstack.io images.contentstack.io — Cisco Umbrella Rank: 12021	1 MB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 375	136 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	338 KB
2	google.com www.google.com — Cisco Umbrella Rank: 5	947 B
2	addsearch.com addsearch.com — Cisco Umbrella Rank: 51353	15 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 631	305 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 354	25 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	101 KB
1	evgnet.com cdn.evgnet.com — Cisco Umbrella Rank: 3940	48 KB
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 834	89 KB
99	12

	Domain	Requested by
34	www.sans.org	www.sans.org
18	www.youtube.com	www.sans.org www.googletagmanager.com www.youtube.com cdn.cookielaw.org
17	images.contentstack.io	www.sans.org
7	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org www.sans.org
3	fonts.gstatic.com	www.sans.org
2	www.google.com	www.sans.org www.gstatic.com
2	api.sans.org	cdn.jsdelivr.net
2	addsearch.com	www.sans.org addsearch.com
1	www.gstatic.com	www.google.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	cdn.jsdelivr.net	www.googletagmanager.com
1	www.googletagmanager.com	www.sans.org
1	cdn.evgnet.com	www.sans.org
1	cdn.optimizely.com	www.sans.org
99	14

This site contains links to these domains. Also see Links.

Domain
www.sans.edu
www.giac.org
isc.sans.edu
partnerportal.sans.org
zeltser.com
www.facebook.com
www.youtube.com
published-prd.lanyonevents.com
remnux.org
youtu.be
docs.remnux.org
github.com
www.linkedin.com
x64dbg.com
ghidra-sre.org
malwology.com
blogs.blackberry.com
www.dropbox.com
didierstevens.com
sans.org
twitter.com
policies.google.com
www.addsearch.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-05-30` - `2024-11-26`	6 months	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-14` - `2025-02-12`	a year	crt.sh
*.contentstack.io Gandi RSA Domain Validation Secure Server CA 3	`2024-04-10` - `2025-05-04`	a year	crt.sh
*.addsearch.com GeoTrust TLS RSA CA G1	`2023-08-31` - `2024-09-05`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Frame ID: 45E7DFD7432BD4C2B41E2E690A559D22
Requests: 76 HTTP requests in this frame

Frame: https://www.youtube.com/embed/20xYpxe8mBg
Frame ID: D9DC361547644CED6D8F277E0251A86B
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/AcPnOfXoqIg
Frame ID: 4E5B46CC46049B1F4BD8A322EEE8EE55
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/f-fMdnUW4X4
Frame ID: 0C33D3450A8163AF330FC83F4CE1B9B0
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/gZrU2X1Q5OA
Frame ID: F5B58983BA9BB90D261C2A3BD63D39C3
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/NCO9F7U3d6c
Frame ID: 454B867B8C4566360A0A3BBAF0775900
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/XxjeRuwRyOw
Frame ID: 04FC513C279D194D86B8F69AC1906B4A
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/JWC7fzhvAY8
Frame ID: 0BBC1577BC0625424CB5FADC9217D1CA
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/opdVFQEBCNU
Frame ID: 24614FB618BE8A8DE51BD7E3911E8334
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/20xYpxe8mBg?enablejsapi=1&origin=https%3A%2F%2Fwww.sans.org
Frame ID: E63714080236120E8416231B79D336D1
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/AcPnOfXoqIg?enablejsapi=1&origin=https%3A%2F%2Fwww.sans.org
Frame ID: 853884686A893E5FAED83A92C46452D4
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/f-fMdnUW4X4?enablejsapi=1&origin=https%3A%2F%2Fwww.sans.org
Frame ID: 0A87F4237FB3DF47153DD99EC7C902E7
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/gZrU2X1Q5OA?enablejsapi=1&origin=https%3A%2F%2Fwww.sans.org
Frame ID: EE622638ED9A350D7447A7095F2F8CB0
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/NCO9F7U3d6c?enablejsapi=1&origin=https%3A%2F%2Fwww.sans.org
Frame ID: B198A89AF7585DE0E26BF55880505496
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/XxjeRuwRyOw?enablejsapi=1&origin=https%3A%2F%2Fwww.sans.org
Frame ID: E898C4596868CCFDE7799C573C32532C
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/JWC7fzhvAY8?enablejsapi=1&origin=https%3A%2F%2Fwww.sans.org
Frame ID: 1559F6CC9B2B27352476F9938D2CCFED
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/opdVFQEBCNU?enablejsapi=1&origin=https%3A%2F%2Fwww.sans.org
Frame ID: 05CE376C5E535F0BBAC4D304E1F1BA94
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRaE8aAAAAAOB9CLy-hHWeafmpvmYkeMpCXrWO&co=aHR0cHM6Ly93d3cuc2Fucy5vcmc6NDQz&hl=de&v=9pvHvq7kSOTqqZusUzJ6ewaF&size=invisible&cb=5alyjps7cad6
Frame ID: BDAD323160F505E7151873753A563B04
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

How You Can Start Learning Malware Analysis | SANS Institute

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

99
Requests

92 %
HTTPS

53 %
IPv6

12
Domains

14
Subdomains

16
IPs

3
Countries

2832 kB
Transfer

7270 kB
Size

12
Cookies

55 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sans.edu/academics/launch-your-cybersecurity-career/
Title: Degree and Certificate Programs

Search URL Search Domain Scan URL

URL: https://www.giac.org/podcasts/
Title: Trust Me, I'm Certified

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/
Title: Internet Storm Center

Search URL Search Domain Scan URL

URL: https://partnerportal.sans.org/
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://zeltser.com/mastering-4-stages-of-malware-analysis/
Title: Mastering 4 Stages of Malware Analysis

Search URL Search Domain Scan URL

URL: https://www.facebook.com/LearnREM
Title: the LearnREM page I maintain on Facebook

Search URL Search Domain Scan URL

URL: https://zeltser.com/automated-malware-analysis/
Title: several malware analysis sandboxes for free

Search URL Search Domain Scan URL

URL: https://zeltser.com/build-malware-analysis-toolkit/
Title: 5 Steps to Building a Malware Analysis Toolkit Using Free Tools

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=20xYpxe8mBg
Title: Practical Malware Analysis Essentials

Search URL Search Domain Scan URL

URL: https://published-prd.lanyonevents.com/published/rsaus19/sessionsFiles/13567/HT-T09_Practical%20Malware%20Analysis%20Essentials%20for%20Incident%20Responders.pdf
Title: reviewing the corresponding slides

Search URL Search Domain Scan URL

URL: https://zeltser.com/contact
Title: reach out to me

Search URL Search Domain Scan URL

URL: https://remnux.org/
Title: REMnux

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=AcPnOfXoqIg
Title: What’s New in REMnux v7

Search URL Search Domain Scan URL

URL: https://youtu.be/AcPnOfXoqIg?t=1505
Title: jump to the 25-minute mark

Search URL Search Domain Scan URL

URL: https://docs.remnux.org/discover-the-tools/
Title: categorized listing of the tools on REMnux

Search URL Search Domain Scan URL

URL: https://github.com/fireeye/flare-floss
Title: FLOSS

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/diary/Malware+Triage+with+FLOSS%3A+API+Calls+Based+Behavior/26156
Title: documented in a Malware Triage post

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/xmertens/
Title: Xavier Mertens

Search URL Search Domain Scan URL

URL: https://zeltser.com/malware-analysis-webcast/
Title: Introduction to Malware Analysis

Search URL Search Domain Scan URL

URL: https://x64dbg.com/
Title: x64dbg

Search URL Search Domain Scan URL

URL: https://zeltser.com/reverse-engineering-malicious-code-tips/
Title: Reverse-Engineering Malicious Code cheat sheet

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=gZrU2X1Q5OA
Title: Evasion Tactics in Malware from the Inside Out

Search URL Search Domain Scan URL

URL: https://zeltser.com/media/docs/malware-analysis-lab.pdf
Title: corresponding slides

Search URL Search Domain Scan URL

URL: https://ghidra-sre.org/
Title: Ghidra

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=NCO9F7U3d6c
Title: Code Analysis With Ghidra

Search URL Search Domain Scan URL

URL: https://malwology.com/
Title: Anuj Soni

Search URL Search Domain Scan URL

URL: https://blogs.blackberry.com/en/2019/07/an-introduction-to-code-analysis-with-ghidra
Title: his accompanying blog post

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/evandygert/
Title: Evan Dygert’s

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=XxjeRuwRyOw
Title: Shortcuts for Understanding Malicious Scripts

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/sh/34zvd5ww6nminid/AAAfKexd3nyoW96OkMuYrklQa?dl=0
Title: accompanying slides and malware samples

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/mari-degrazia/
Title: Mari DeGrazia’s

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=JWC7fzhvAY8
Title: Finding and Decoding Malicious Powershell Scripts

Search URL Search Domain Scan URL

URL: https://didierstevens.com/
Title: Didier Stevens

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=opdVFQEBCNU
Title: Analyzing Malicious Office Documents

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/ryanjchapman/
Title: Ryan Chapman

Search URL Search Domain Scan URL

URL: https://github.com/rj-chap/CFWorkshop
Title: Understanding and Analyzing Carrier Files

Search URL Search Domain Scan URL

URL: https://zeltser.com/analyzing-malicious-documents/
Title: Analyzing Malicious Documents cheat sheet

Search URL Search Domain Scan URL

URL: https://zeltser.com/deliberate-practice-for-security-skills/
Title: focused, deliberate practice

Search URL Search Domain Scan URL

URL: https://zeltser.com/malware-analysis-cheat-sheet/
Title: Cheat Sheet for Analyzing Malicious Software

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=28hSO2zGMLM
Title: Shellcode Analysis 101

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/jclausing/
Title: Jim Clausing

Search URL Search Domain Scan URL

URL: https://zeltser.com/state-of-malware-analysis/
Title: The State of Malware Analysis: Advice from the Trenches

Search URL Search Domain Scan URL

URL: https://zeltser.com/malware-sample-sources/
Title: Free Malware Sample Sources for Researchers

Search URL Search Domain Scan URL

URL: https://sans.org/
Title: SANS Institute

Search URL Search Domain Scan URL

URL: https://twitter.com/lennyzeltser
Title: on Twitter

Search URL Search Domain Scan URL

URL: https://zeltser.com/start-learning-malware-analysis/
Title: on Lenny Zeltser's blog

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.giac.org/certifications/
Title: Certifications

Search URL Search Domain Scan URL

URL: https://www.sans.edu/
Title: Degree Programs

Search URL Search Domain Scan URL

URL: https://twitter.com/sansinstitute
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sansinstitute
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TheSANSInstitute
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/14104
Title: LinkedIn

Search URL Search Domain Scan URL

URL: http://www.addsearch.com/?utm_source=customer&utm_medium=referer&utm_campaign=customer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

99 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.sans.org/blog/how-you-can-start-learning-malware-analysis/ 288 KB
45 KB 479ms
214ms Document
text/html 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bef02a2c378df97989afc302193acdef232f8292e763c0914966bfca72c194b4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=30
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
content-type: text/html
date: Thu, 06 Jun 2024 18:31:34 GMT
etag: W/"e5e4c7614d719bdab9bd111e5bdc6463"
expect-ct: max-age=86400, enforce
last-modified: Thu, 06 Jun 2024 14:56:10 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 616cc46c05372de12125d489da3bca56.cloudfront.net (CloudFront)
x-amz-cf-id: Hp6A1i42SLcuJtvvW1uuCWkJ68of6xn6NxswQvj-DhUkmcKBMWNSIA==
x-amz-cf-pop: JFK52-P4
x-cache: Miss from cloudfront
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22364781 NNNN CT(1 3 0) RT(1717698693535 116) q(0 0 0 0) r(0 1) U18
x-xss-protection: 1; mode=block

GET
H2 200 28081820005.js Show response
cdn.optimizely.com/js/ 293 KB
89 KB 245ms
186ms Script
text/javascript 2a02:26f0:3500:889::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/28081820005.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:889::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

43253d42f698553e37abdcf7235cc4124fec1566f4c62226b3d81d24108651f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: rkgfHXGjUJgZcWFaRqHZytBrxRGE4gko
content-encoding: gzip
date: Thu, 06 Jun 2024 18:31:34 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: CCVENCHMFVX2GQ8K
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 142
x-amz-replication-status: PENDING
server-timing: cdn-cache; desc=HIT, edge; dur=132, origin; dur=0, cdn;desc="AkamaiION";dur=0,rtt;desc="9";dur=0,cdnip;desc="2a02:26f0:3500:889::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1717698694193_388276621_3255864363_13246_1824_8_27_219";dur=1
content-length: 90738
x-amz-id-2: IlmOvpSX/mjpBEcw3olOmzA1EJXXgjw1fYII2tsGUyW/y2Avi05nirUKJqPdMFtZC6+TXkIjx2o=
last-modified: Wed, 05 Jun 2024 10:53:07 GMT
server: AmazonS3
etag: "12bee4b9de99118b3475fff3d39fb716"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/sansccybersecurity/sans_prod/scripts/ 194 KB
48 KB 156ms
97ms Script
application/javascript 151.101.64.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evgnet.com/beacon/sansccybersecurity/sans_prod/scripts/evergage.min.js
Requested by: Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.114 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99755c96c0916d2ddb174b63841608ab51faf2830a6d7f2b5d76580bf1c2d17c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: CK7CD1M9uyxvOGrDRhnM50fIblpmAl3z
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 06 Jun 2024 18:31:34 GMT
x-amz-request-id: QDGN9B6JMNKR512H
age: 84
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: PENDING
content-length: 48755
x-amz-id-2: KQCtjvl9gS+Lhfbp16McgqvovvzeAtl/98JVsr2qz4s1CDNadoyi0RZfh2wXDNfY869lY8BYl4E=
x-served-by: cache-iad-kjyo7100035-IAD, cache-fra-etou8220082-FRA
x-amz-meta-evergage-sum: e73e71f18d926795ab117e4d7637c4755089aed2
last-modified: Fri, 17 May 2024 19:20:52 GMT
server: AmazonS3
x-timer: S1717698694.230935,VS0,VE89
etag: "183dc18d36f00e07dc67a2aef5fbd9a7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
x-amz-meta-evergage-beacon-ver: 16
x-cache-hits: 363466, 0

GET
H2 200 c03d60b.js Show response
www.sans.org/blog/_nuxt/ 7 KB
3 KB 575ms
559ms Script
text/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/blog/_nuxt/c03d60b.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

76ea84631ebf1cc584cea8df1bd708db574b2871e5e8c00af33fdea72fc325b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22357667 2VNN RT(1717698693535 501) q(0 0 0 -1) r(1 1) U18
content-length: 2754
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 06 Jun 2024 14:56:04 GMT
etag: W/"128dc2023aa6655a0a3e06c402e2c3ef"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: text/javascript
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 31238a5.js Show response
www.sans.org/blog/_nuxt/ 200 KB
68 KB 378ms
362ms Script
text/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/blog/_nuxt/31238a5.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5b486c802e9077063a6c7a3e3509cb0b240d42c9741a6178fd111e696c3e0939

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22362776 2VNN RT(1717698693535 502) q(0 0 0 -1) r(1 1)
content-length: 69592
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 May 2024 16:19:59 GMT
etag: W/"c6cafa966bde0cc5ca68ef168c646062"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: text/javascript
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 01d8f63.css
www.sans.org/blog/_nuxt/css/ 367 KB
39 KB 272ms
256ms Stylesheet
text/css 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/blog/_nuxt/css/01d8f63.css

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

23c1cfddf61314c8d732e8e25b97927101d424092153a2cd7dbb51c82e285bff

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22360637 2VNN RT(1717698693535 399) q(0 0 0 -1) r(1 1)
content-length: 39816
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 May 2024 16:19:59 GMT
etag: W/"21a4992119ef3427ae35f870245c2fee"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: text/css
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 a7e8ba8.js Show response
www.sans.org/blog/_nuxt/ 304 KB
84 KB 578ms
562ms Script
text/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/blog/_nuxt/a7e8ba8.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

64972ce2be4d046088bdcdb35b6122ab05c0ecb84c7a94e29ba4822ed9d3b157

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22362787 2VNN RT(1717698693535 502) q(0 0 0 -1) r(1 1)
content-length: 85362
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 May 2024 16:19:59 GMT
etag: W/"8604ec1eb0c6e39f66ff872b14fb24da"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: text/javascript
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 fd21fb5.css
www.sans.org/blog/_nuxt/css/ 971 B
596 B 258ms
242ms Stylesheet
text/css 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/blog/_nuxt/css/fd21fb5.css

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3faf06748feaa1c7bc8d9d84d262d209c9c47005cbc5be246743b32e2490d7f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22362776 2VNN RT(1717698693535 491) q(0 0 0 -1) r(0 0)
content-length: 451
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 05 May 2024 04:21:05 GMT
etag: "e48a670e857e41e71c49c8f4794970b3"
expect-ct: max-age=86400, enforce
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: text/css
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 5e30c91.js Show response
www.sans.org/blog/_nuxt/ 685 KB
125 KB 577ms
561ms Script
text/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/blog/_nuxt/5e30c91.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4d4f93a787526851cc67ea2a708a3b7598ba468c09f5dae081db0d5283338d50

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22360637 2VNN RT(1717698693535 503) q(0 0 0 -1) r(1 1) U18
content-length: 126726
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 06 Jun 2024 14:56:03 GMT
etag: W/"af8647ac18a1bda02256ed7cbefeea4e"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: text/javascript
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:03 GMT

GET
H2 200 73d693c.css
www.sans.org/blog/_nuxt/css/ 189 KB
15 KB 281ms
266ms Stylesheet
text/css 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/blog/_nuxt/css/73d693c.css

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d489576bac06d30112558279010ed19408cdc0bc868bda0f91378141356023af

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22358643 2VNN RT(1717698693535 494) q(0 0 0 -1) r(1 1)
content-length: 15688
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 May 2024 16:19:59 GMT
etag: W/"4cc4e560d4392f0f2caac37b2aa5d3aa"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: text/css
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 3916b27.js Show response
www.sans.org/blog/_nuxt/ 450 KB
46 KB 697ms
682ms Script
text/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/blog/_nuxt/3916b27.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0873846067a6eb91eb7a14022dfc9bced3956d289783c72bd07062b839183dfe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22352555 2VNN RT(1717698693535 504) q(0 1 1 -1) r(1 1)
content-length: 47417
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 04 Jun 2024 21:34:21 GMT
etag: W/"51d0d835429cff578eea1e222e4c7f53"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: text/javascript
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 83c6f81.css
www.sans.org/blog/_nuxt/css/ 23 KB
4 KB 255ms
240ms Stylesheet
text/css 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/blog/_nuxt/css/83c6f81.css

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

16fb712a9c6a9a44944c45f2991d4c25aebb05d563488e03661b0242de1828e2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22357667 2VNN RT(1717698693535 495) q(0 0 0 -1) r(0 0)
content-length: 3610
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 May 2024 04:21:53 GMT
etag: W/"d298ddd2df675919716e863373aa007a"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: text/css
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 81635d8.js Show response
www.sans.org/blog/_nuxt/ 16 KB
6 KB 692ms
678ms Script
text/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/blog/_nuxt/81635d8.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3bc655e138c07f24562a8384d5731727db12d451a2304088c9cf155ee9c2d6a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22363174 2VNN RT(1717698693535 504) q(0 1 1 -1) r(1 1)
content-length: 5897
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 May 2024 16:19:59 GMT
etag: W/"015e27afdaa4e30e661f8e7c526d2b0e"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: text/javascript
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 77e6673.css
www.sans.org/blog/_nuxt/css/ 50 KB
6 KB 267ms
253ms Stylesheet
text/css 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/blog/_nuxt/css/77e6673.css

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4a6d06db00567b9cc14987d0002552637832387cf47a1dcd7dfd83fa607a2ab2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22362787 2VNN RT(1717698693535 496) q(0 0 0 -1) r(0 0)
content-length: 5848
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 May 2024 16:19:59 GMT
etag: W/"ccdebd903f30cf114c8cc94205a34e0e"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: text/css
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 2b06182.js Show response
www.sans.org/blog/_nuxt/ 9 KB
3 KB 791ms
776ms Script
text/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/blog/_nuxt/2b06182.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

136001035e2775b18774afa1f03f2065b344bfefa049ba324f563bf6b652e309

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22364801 2VNN RT(1717698693535 505) q(0 1 1 -1) r(1 2)
content-length: 2517
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 May 2024 16:19:59 GMT
etag: W/"90eea19f4bb47daa601cf24fdf47ae92"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: text/javascript
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 8ca6355.css
www.sans.org/blog/_nuxt/css/ 61 KB
6 KB 350ms
336ms Stylesheet
text/css 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/blog/_nuxt/css/8ca6355.css

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

54d670a4f200d8314a0935b6a4d1fdde99bd04ec56abc2f3d86ebef27a4c37e4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22363174 2VNN RT(1717698693535 497) q(0 0 0 -1) r(1 1)
content-length: 6110
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 May 2024 23:58:29 GMT
etag: W/"bc6882978679006e8629c7f49133102b"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: text/css
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 f538fdb.js Show response
www.sans.org/blog/_nuxt/ 2 KB
916 B 758ms
743ms Script
text/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/blog/_nuxt/f538fdb.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5269122827487da84f83f9e6220cbf2024ab507573a1f77ec9b44724e67af340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22364802 2VNN RT(1717698693535 506) q(0 1 1 -1) r(1 2)
content-length: 792
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 05 May 2024 04:21:05 GMT
etag: W/"89e9c8a3137c5a0b004b86dee17212d3"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: text/javascript
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 290x100_mega_nav_train_and_certify.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blte8be34fc229589b9/6273dce3941a2939d3d00f0e/ 31 KB
31 KB 70ms
14ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blte8be34fc229589b9/6273dce3941a2939d3d00f0e/290x100_mega_nav_train_and_certify.jpg
Requested by: Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: a0aa5707b114579a33f6bd2f1e5bdb28399e0a76431d31c34733664a8b6e2b8f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300702
x-cache: HIT, HIT
fastly-io-info: ifsz=37144 idim=290x100 ifmt=jpeg ofsz=31269 odim=290x100 ofmt=jpeg
content-disposition: inline; filename=290x100_mega_nav_train_and_certify.jpg
fastly-stats: io=1
content-length: 31269
x-request-id: 36f38960f0f0982286d3c65e4d13df04
x-served-by: cache-sjc1000138-SJC, cache-fra-etou8220023-FRA
x-runtime: 164ms
server: contentstack
x-timer: S1717698694.231339,VS0,VE2
x-contentstack-organization: blt848504a4924ca8db
etag: "ur4XIkLCdBCQfPyRP00VapGVVBhgJPmmf66qwioL8ck"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 17, 0

GET
H2 200 290x100_mega_nav9_manage_your_team.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltf47dc15d424f72e4/6273dce39dad2234e4d02e02/ 29 KB
29 KB 65ms
9ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltf47dc15d424f72e4/6273dce39dad2234e4d02e02/290x100_mega_nav9_manage_your_team.jpg
Requested by: Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 37cba10e43067a0214b42d54d09875849f601a914a463c0c1fcacd299070396b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300711
x-cache: HIT, HIT
fastly-io-info: ifsz=36921 idim=290x100 ifmt=jpeg ofsz=29320 odim=290x100 ofmt=jpeg
content-disposition: inline; filename=290x100_mega_nav9_manage_your_team.jpg
fastly-stats: io=1
content-length: 29320
x-request-id: 6e3e5e2a387e977ebcd1d35ea7b2ab3b
x-served-by: cache-sjc10077-SJC, cache-fra-etou8220023-FRA
x-runtime: 39ms
server: contentstack
x-timer: S1717698694.231477,VS0,VE1
x-contentstack-organization: blt848504a4924ca8db
etag: "f/BsIxvXpi+LUiglRdzDmSa5H5VWOCU6sjXxA/YGaAY"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 17, 0

GET
H2 200 290x100_mega_nav3_security_awareness.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt1733d7a8ff26d5ad/6273dce39dfd5f30d076efa0/ 30 KB
30 KB 17ms
11ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt1733d7a8ff26d5ad/6273dce39dfd5f30d076efa0/290x100_mega_nav3_security_awareness.jpg
Requested by: Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: c1236d3af38b7d049eca1f27f6b2a7acedbf1d6168cee99138ab4730a24fdd6d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300703
x-cache: HIT, HIT
fastly-io-info: ifsz=38019 idim=290x100 ifmt=jpeg ofsz=30674 odim=290x100 ofmt=jpeg
content-disposition: inline; filename=290x100_mega_nav3_security_awareness.jpg
fastly-stats: io=1
content-length: 30674
x-request-id: ebd3273f5e2b08e3c71042a1d2b355cd
x-served-by: cache-sjc1000095-SJC, cache-fra-etou8220023-FRA
x-runtime: 88ms
server: contentstack
x-timer: S1717698694.259696,VS0,VE1
x-contentstack-organization: blt848504a4924ca8db
etag: "qe3T/381iNlLOnvLkI8GwieG5sLQrJbKsEGMM4CZXvQ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 200 290x100_mega_nav4_resources.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt08fed20a2b957c76/6273dce36ed4423afc98e390/ 25 KB
26 KB 13ms
11ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt08fed20a2b957c76/6273dce36ed4423afc98e390/290x100_mega_nav4_resources.jpg
Requested by: Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 7d30435414031894c25be74ea98bde63a851f84e547ea6d942b21f1f0a37e233

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300703
x-cache: HIT, HIT
fastly-io-info: ifsz=30358 idim=290x100 ifmt=jpeg ofsz=25883 odim=290x100 ofmt=jpeg
content-disposition: inline; filename=290x100_mega_nav4_resources.jpg
fastly-stats: io=1
content-length: 25883
x-request-id: df9778264c5019f1a4b08062ee5dc24e
x-served-by: cache-sjc10033-SJC, cache-fra-etou8220023-FRA
x-runtime: 82ms
server: contentstack
x-timer: S1717698694.259722,VS0,VE1
x-contentstack-organization: blt848504a4924ca8db
etag: "J3lljs423xd5iHf5RMtOG2DoSQ61d/vuzRDhhlKLfTc"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 16, 0

GET
H2 200 290x100_mega_nav_get_involved.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltbe97e5485d2294e7/6273dce33debbf3afdd2d898/ 30 KB
30 KB 16ms
11ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltbe97e5485d2294e7/6273dce33debbf3afdd2d898/290x100_mega_nav_get_involved.jpg
Requested by: Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 02341acfd22526ad4569d86455a9c94ab08194bd40f329df6577362aa9fe78ee

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300701
x-cache: HIT, HIT
fastly-io-info: ifsz=40093 idim=290x100 ifmt=jpeg ofsz=30887 odim=290x100 ofmt=jpeg
content-disposition: inline; filename=290x100_mega_nav_get_involved.jpg
fastly-stats: io=1
content-length: 30887
x-request-id: 1e03b3ab2d97914aeff767ef698377eb
x-served-by: cache-sjc10077-SJC, cache-fra-etou8220023-FRA
x-runtime: 108ms
server: contentstack
x-timer: S1717698694.283410,VS0,VE2
x-contentstack-organization: blt848504a4924ca8db
etag: "M9g1vX/vuvTRmfGhW9YO83JI/S+4buwsymkaIHVUzWg"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 290x100_mega_nav7_about_us.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltb48ea6f22e3c9a94/6273dce3d2794936634fa557/ 25 KB
25 KB 22ms
18ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltb48ea6f22e3c9a94/6273dce3d2794936634fa557/290x100_mega_nav7_about_us.jpg
Requested by: Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 0e7dcd24f724760d2fc0950cb5343c41a414499feb22339cb69d4a3101b2684b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300711
x-cache: HIT, HIT
fastly-io-info: ifsz=31505 idim=290x100 ifmt=jpeg ofsz=25821 odim=290x100 ofmt=jpeg
content-disposition: inline; filename=290x100_mega_nav7_about_us.jpg
fastly-stats: io=1
content-length: 25821
x-request-id: e72134a49ed03af15f0b56012e8cbbd5
x-served-by: cache-sjc1000125-SJC, cache-fra-etou8220023-FRA
x-runtime: 108ms
server: contentstack
x-timer: S1717698695.500580,VS0,VE2
x-contentstack-organization: blt848504a4924ca8db
etag: "CIRcbJFjAy7h9liVtoFgnwKLnwTXgjl/pfwHCIc9bdI"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 15, 0

GET
H2 200 Lenny_Portrait_New_370x370.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt546f67edcdc026f6/61eec607b1c6de35becb975e/ 516 KB
517 KB 18ms
15ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt546f67edcdc026f6/61eec607b1c6de35becb975e/Lenny_Portrait_New_370x370.jpg
Requested by: Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: a63b3af3324cd164b3f2ebe1417128a7d79cbbd0e06f26d98b308121d8717b71

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300711
x-cache: HIT, HIT
fastly-io-info: ifsz=219077 idim=1339x1339 ifmt=jpeg ofsz=528439 odim=1339x1339 ofmt=jpeg
content-disposition: inline; filename=Lenny_Portrait_New_370x370.jpg
fastly-stats: io=1
content-length: 528439
x-request-id: f387774f7427984027c376a980152ce9
x-served-by: cache-sjc10076-SJC, cache-fra-etou8220023-FRA
x-runtime: 117ms
server: contentstack
x-timer: S1717698695.500552,VS0,VE2
x-contentstack-organization: blt848504a4924ca8db
etag: "+JhdM0loVg0v+GgNkPRSdncyw0VJfundg2nxfiHqKx4"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 36, 0

GET
H2 200 image_1.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltef2bd987a37a4628/5ff71335b721aa1cd8dc4822/ 165 KB
166 KB 281ms
278ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltef2bd987a37a4628/5ff71335b721aa1cd8dc4822/image_1.jpg
Requested by: Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: fb813c191c13a11cf9dfafa7d76e4e7d7e64cf1376e6521a6ac214ad34ef6d8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300702
x-cache: HIT, HIT
fastly-io-info: ifsz=169585 idim=2560x1085 ifmt=jpeg ofsz=169455 odim=2560x1085 ofmt=jpeg
content-disposition: inline; filename=image_1.jpg
fastly-stats: io=1
content-length: 169455
fastly-io-warning: Failed to shrink image
x-served-by: cache-sjc10025-SJC, cache-fra-etou8220023-FRA
x-runtime: 112ms
x-request-id: 5a2f2da752202916843641075a1f35a8
server: contentstack
x-timer: S1717698695.500521,VS0,VE149
x-contentstack-organization: blt848504a4924ca8db
etag: "m2yvphSt7tPnHoLc5/2Aoeu865JmTyeNVZmCOaD/5mI"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 19, 0

GET
H2 200 image_2.png
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt6e8cea95971c33a0/5ff71362b08361084bffd9a8/ 275 KB
275 KB 17ms
14ms Image
image/png 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt6e8cea95971c33a0/5ff71362b08361084bffd9a8/image_2.png
Requested by: Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 8172ace442390f75debfa116d77bde3bb321ac1b667edb7d08a4aae13d6a4516

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300702
x-cache: HIT, HIT
fastly-io-info: ifsz=281599 idim=2048x1456 ifmt=png ofsz=281599 odim=2048x1456 ofmt=png
content-disposition: inline; filename=image_2.png
fastly-stats: io=1
content-length: 281599
fastly-io-warning: Failed to shrink image
x-served-by: cache-sjc10079-SJC, cache-fra-etou8220023-FRA
x-runtime: 110ms
x-request-id: 3922e19740a77428ffa3841267762b67
server: contentstack
x-timer: S1717698695.500511,VS0,VE1
x-contentstack-organization: blt848504a4924ca8db
etag: "E/SwqbyPmxEm8vR5j9gCOZpDJY0F4aN21U9Sg6uexcw"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 Blog_teaser_images_(1).png
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt4b21600402415852/61df0fbbbf9cb8387cc1e4bd/ 39 KB
39 KB 17ms
15ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt4b21600402415852/61df0fbbbf9cb8387cc1e4bd/Blog_teaser_images_(1).png?auto=webp&width=600
Requested by: Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: f781c8b3a9f20777c3fc72b4fb51c8556d358f016b772c302ec23330b9c32589

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300702
x-cache: HIT, HIT
fastly-io-info: ifsz=35468 idim=340x340 ifmt=png ofsz=39428 odim=600x600 ofmt=webp
filename1: custom
content-disposition: inline; filename=Blog_teaser_images_(1).webp
fastly-stats: io=1
content-length: 39428
x-request-id: 8ff1231bd8be8738f9d40d8a03c5c03d
x-served-by: cache-sjc1000144-SJC, cache-fra-etou8220023-FRA
x-runtime: 84ms
server: contentstack
x-timer: S1717698695.500496,VS0,VE2
x-contentstack-organization: blt848504a4924ca8db
etag: "jKRkZMFHG8yabp6SQtnTSZ0wH98eHy4B5OwPbqjlEx0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 16, 0

GET
H2 200 Viv_Ross_370x370.png
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt57bb1b6bed2d92fd/60a6b9e7cc7ff369bd791a95/ 165 KB
166 KB 29ms
27ms Image
image/png 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt57bb1b6bed2d92fd/60a6b9e7cc7ff369bd791a95/Viv_Ross_370x370.png
Requested by: Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 86389610caa1d1ee1bb9b3a1d438f331a35f4fd3c92febe62ee5e9f9ec4f5622

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300710
x-cache: HIT, HIT
fastly-io-info: ifsz=188216 idim=370x370 ifmt=png ofsz=168932 odim=370x370 ofmt=png
content-disposition: inline; filename=Viv_Ross_370x370.png
fastly-stats: io=1
content-length: 168932
x-request-id: d4fb635b17373aa9d854cb686b8b9f99
x-served-by: cache-sjc10069-SJC, cache-fra-etou8220023-FRA
x-runtime: 126ms
server: contentstack
x-timer: S1717698695.500492,VS0,VE2
x-contentstack-organization: blt848504a4924ca8db
etag: "KF4vEUfiUYZtFKynC/6agdh3LECUkD0LgMgRTbZvEYo"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 13, 0

GET
H2 200 470x382_STAR_Webcast.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt2ee6483a5dd88ce8/60df32a67c871833cab1379b/ 43 KB
43 KB 30ms
27ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt2ee6483a5dd88ce8/60df32a67c871833cab1379b/470x382_STAR_Webcast.jpg?auto=webp&width=600
Requested by: Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 0712f5066465e22122eccd03614519bd1cabf74ccfb5b538ce925dd39cdd62cd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300704
x-cache: HIT, HIT
fastly-io-info: ifsz=82468 idim=470x382 ifmt=jpeg ofsz=43754 odim=600x488 ofmt=webp
filename1: custom
content-disposition: inline; filename=470x382_STAR_Webcast.webp
fastly-stats: io=1
content-length: 43754
x-request-id: 15ae0d1b7e028dee09e2f3b3e8b5c3fb
x-served-by: cache-sjc10037-SJC, cache-fra-etou8220023-FRA
x-runtime: 160ms
server: contentstack
x-timer: S1717698695.500913,VS0,VE2
x-contentstack-organization: blt848504a4924ca8db
etag: "SlRtfIOtqUIYQvfCdBGD9PNuX3NKCDO4ZzWHPxhMEu4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 21, 0

GET
H2 200 370x370_katie-nickels.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt9af95fe2917a2f98/5eb35e1421a5027d7741f987/ 87 KB
87 KB 29ms
27ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt9af95fe2917a2f98/5eb35e1421a5027d7741f987/370x370_katie-nickels.jpg
Requested by: Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 9c7bfc5c392363cb47ac4b884d58651676552d93a4118e8bcc291b6847056bc3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300708
x-cache: HIT, HIT
fastly-io-info: ifsz=104873 idim=370x370 ifmt=jpeg ofsz=89035 odim=370x370 ofmt=jpeg
content-disposition: inline; filename=370x370_katie-nickels.jpg
fastly-stats: io=1
content-length: 89035
x-request-id: b7fbc88c789464bbb9ecc701ffd54d6a
x-served-by: cache-sjc10027-SJC, cache-fra-etou8220023-FRA
x-runtime: 103ms
server: contentstack
x-timer: S1717698695.501252,VS0,VE2
x-contentstack-organization: blt848504a4924ca8db
etag: "zzcTKSlVf3dB0VImypC3kgirJNXFtUUhrvnRdzr9wAo"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 14, 0

GET
H/1.1 200
OK / Show response
addsearch.com/js/ 2 KB
981 B 120ms
30ms Script
application/javascript 99.80.22.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://addsearch.com/js/?key=58b8a4a0d3818cf198ff88f660f8f8f9
Requested by: Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.22.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-22-109.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a95a1bdf7f0e11cf9b9d8c81939f715d4b0ccc0fa513f738dc7e5b34fabd6585

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 18:31:34 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 734

GET
H2 200 _Incapsula_Resource Show response
www.sans.org/ 152 KB
21 KB 433ms
431ms Script
application/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1451472966

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3cc9aa7909665e4bb5f8f0955aee63ffc60a14f9baf562ff1f3e49a6fee71c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 21796
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 362 KB
101 KB 117ms
51ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5T9DW3B

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1bc1aa4f3c52e6ba40cbc24ddd47e1993f276757a2c2a0ab5d33d4c157102303

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103159
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 06 Jun 2024 18:31:34 GMT

GET
H2 200 20xYpxe8mBg
www.youtube.com/embed/ Frame D9DC 0
0 140ms
83ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/20xYpxe8mBg

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.sans.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-KRBZ2oCaeIFMb5oEa8xBqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jun 2024 18:31:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AcPnOfXoqIg
www.youtube.com/embed/ Frame 4E5B 0
0 252ms
206ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/AcPnOfXoqIg

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.sans.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jun 2024 18:31:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 f-fMdnUW4X4
www.youtube.com/embed/ Frame 0C33 0
0 111ms
65ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/f-fMdnUW4X4

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.sans.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jun 2024 18:31:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gZrU2X1Q5OA
www.youtube.com/embed/ Frame F5B5 0
0 118ms
105ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/gZrU2X1Q5OA

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.sans.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jun 2024 18:31:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 NCO9F7U3d6c
www.youtube.com/embed/ Frame 454B 0
0 152ms
147ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/NCO9F7U3d6c

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.sans.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jun 2024 18:31:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 XxjeRuwRyOw
www.youtube.com/embed/ Frame 04FC 0
0 78ms
74ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/XxjeRuwRyOw

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.sans.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jun 2024 18:31:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 JWC7fzhvAY8
www.youtube.com/embed/ Frame 0BBC 0
0 137ms
127ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/JWC7fzhvAY8

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.sans.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jun 2024 18:31:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 opdVFQEBCNU
www.youtube.com/embed/ Frame 2461 0
0 201ms
200ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/opdVFQEBCNU

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.sans.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jun 2024 18:31:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Viv_Ross_370x370.png
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt57bb1b6bed2d92fd/60a6b9e7cc7ff369bd791a95/ 165 KB
0 0ms
0ms Image
image/png 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt57bb1b6bed2d92fd/60a6b9e7cc7ff369bd791a95/Viv_Ross_370x370.png
Requested by: Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 86389610caa1d1ee1bb9b3a1d438f331a35f4fd3c92febe62ee5e9f9ec4f5622

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300710
x-cache: HIT, HIT
fastly-io-info: ifsz=188216 idim=370x370 ifmt=png ofsz=168932 odim=370x370 ofmt=png
content-disposition: inline; filename=Viv_Ross_370x370.png
fastly-stats: io=1
content-length: 168932
x-request-id: d4fb635b17373aa9d854cb686b8b9f99
x-served-by: cache-sjc10069-SJC, cache-fra-etou8220023-FRA
x-runtime: 126ms
server: contentstack
x-timer: S1717698695.500492,VS0,VE2
x-contentstack-organization: blt848504a4924ca8db
etag: "KF4vEUfiUYZtFKynC/6agdh3LECUkD0LgMgRTbZvEYo"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 13, 0

GET
H/1.1 200
OK / Show response
addsearch.com/searchui/v3/ 55 KB
14 KB 83ms
83ms Script
application/javascript 99.80.22.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://addsearch.com/searchui/v3/?key=58b8a4a0d3818cf198ff88f660f8f8f9&i=
Requested by: Host: addsearch.com
URL: https://addsearch.com/js/?key=58b8a4a0d3818cf198ff88f660f8f8f9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.22.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-22-109.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0893fc9a1a9e206a2d84e197e9939047407c19e4a1756abb3f0c994e25efec83

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 06 Jun 2024 18:31:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 sp.min.js Show response
cdn.jsdelivr.net/npm/@snowplow/javascript-tracker@3.5.0/dist/ 73 KB
25 KB 203ms
0ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@snowplow/javascript-tracker@3.5.0/dist/sp.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T9DW3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

76039a26bb3656600240ac08bc5f0ce450661977af129ab9c746ea4efe45a1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 06 Jun 2024 18:31:34 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1432012
x-jsd-version: 3.5.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25416
x-served-by: cache-fra-eddf8230071-FRA
x-jsd-version-type: version
etag: W/"12364-F9/xW8QJROE2aN3C47q1tjOoX0s"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/ 20 KB
7 KB 240ms
37ms Script
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T9DW3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c1d20eedda5c5fd996d82d5d3b87a3a6da24735fe96458bff21d13d3cc1d1e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 76637
content-md5: 1C7BuQ3LGAlBcdxyvs3Sgw==
content-length: 6884
x-ms-lease-status: unlocked
last-modified: Wed, 13 Dec 2023 19:33:16 GMT
server: cloudflare
etag: 0x8DBFC125A8AF7EA
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5fe8acfe-a01e-009f-33fb-2d7581000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88fa7aeb8acf3645-FRA
expires: Fri, 07 Jun 2024 18:31:34 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 266ms
0ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T9DW3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d3e2321f6291c79830f86d5e84eda3d40c9568f574b54a159c350f7b300aaa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 06 Jun 2024 18:31:35 GMT

GET
H2 200 logo-sans.d72c7e5.svg
www.sans.org/blog/_nuxt/img/ 4 KB
2 KB 225ms
148ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/blog/_nuxt/img/logo-sans.d72c7e5.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/_nuxt/css/01d8f63.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

be3b161eca24051313cc59d561426001989e585ef63bfb64336994902d2322c9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/_nuxt/css/01d8f63.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22364813 2VNN RT(1717698693535 1129) q(0 0 0 -1) r(0 1)
content-length: 1672
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 May 2024 23:25:07 GMT
etag: W/"e647dc13abbda64092e117c11ba75b06"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
DATA 200
OK truncated
/ 342 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b698a7613b5699ab82438105b51d1391ffa6103ce23ad2068e7f66479d1e2baf

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 menu-chevron.510467e.svg
www.sans.org/blog/_nuxt/img/ 1 KB
835 B 217ms
142ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/blog/_nuxt/img/menu-chevron.510467e.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/_nuxt/css/01d8f63.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

78ca04ceaa354592535991dc60ee768438f0ee7ced1224c5b8e8bd5e5a24898c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/_nuxt/css/01d8f63.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22364801 2VNN RT(1717698693535 1125) q(0 0 0 -1) r(1 1)
content-length: 695
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 May 2024 23:58:30 GMT
etag: W/"e41be18adbcfd205935e1869c7d110dc"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 search-icon-blue.2982038.svg
www.sans.org/blog/_nuxt/img/ 1 KB
779 B 215ms
141ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/blog/_nuxt/img/search-icon-blue.2982038.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/_nuxt/css/01d8f63.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0291038e1dab29b2b5d6ee42c102c6249b47e141ac84a88e5b335236474ac129

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/_nuxt/css/01d8f63.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22360637 2VNN RT(1717698693535 1127) q(0 0 0 -1) r(1 1)
content-length: 595
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 May 2024 23:58:30 GMT
etag: W/"32c818c97941c024172c43d7db55b330"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
DATA 200
OK truncated
/ 532 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ddf1c3008869a04f57100949a5540f5cd285d893181070e68ae3d051e97c290

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 link-icon.0489af3.svg
www.sans.org/blog/_nuxt/img/ 3 KB
2 KB 316ms
242ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/blog/_nuxt/img/link-icon.0489af3.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/_nuxt/css/01d8f63.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8d501c87ecf6a67ba39e5a8a05dc89e7456680b2a5260e6439e05724cf42a75e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/_nuxt/css/01d8f63.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22364809 2VNN RT(1717698693535 1226) q(0 0 0 -1) r(1 1)
content-length: 1500
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 May 2024 23:58:29 GMT
etag: W/"dea235bebadf19e8294fa31e90c6f8fa"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 twitter.2581532.svg
www.sans.org/blog/_nuxt/img/ 2 KB
1 KB 318ms
245ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/blog/_nuxt/img/twitter.2581532.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/_nuxt/css/73d693c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6f2b9b7cbdf27e8f4d2a8d9d6a8ddf2eb1149e2b0f79a85027ff04d1cebe5521

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/_nuxt/css/73d693c.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22360637 2VNN RT(1717698693535 1131) q(0 1 1 -1) r(2 2)
content-length: 1071
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 May 2024 23:58:30 GMT
etag: W/"8c117eab8d06960b213ade4a41c53621"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 linkedin.fb73d70.svg
www.sans.org/blog/_nuxt/img/ 1 KB
855 B 247ms
176ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/blog/_nuxt/img/linkedin.fb73d70.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/_nuxt/css/73d693c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a45aa8ee64d02baed1f62b6d8d2fcc1e87599ab85f729375d8eff8a6a3765b0b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/_nuxt/css/73d693c.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22362787 2VNN RT(1717698693535 1130) q(0 0 0 -1) r(1 1)
content-length: 692
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 May 2024 23:58:30 GMT
etag: W/"554a990bf4270e25d1a77ebc2c9e68a6"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 facebook.52f4f16.svg
www.sans.org/blog/_nuxt/img/ 1 KB
718 B 260ms
189ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/blog/_nuxt/img/facebook.52f4f16.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/_nuxt/css/73d693c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

069231b573c1732783d33f721171bf0ec5b3ca5542330812deedd60da67f46cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/_nuxt/css/73d693c.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22358643 2VNN RT(1717698693535 1132) q(0 1 1 -1) r(1 1)
content-length: 594
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 May 2024 23:58:29 GMT
etag: W/"a9781eefe35e6e6969555f5286f9bf26"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 share.1b2e1d9.svg
www.sans.org/blog/_nuxt/img/ 2 KB
1 KB 217ms
146ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/blog/_nuxt/img/share.1b2e1d9.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/_nuxt/css/73d693c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

872fb329acdd644c07d450ed141fcf32c93dca871fb970390bc5d29780d8679f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/_nuxt/css/73d693c.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22364811 2VNN RT(1717698693535 1129) q(0 0 0 -1) r(0 1)
content-length: 927
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 May 2024 23:58:30 GMT
etag: W/"b3cefd935ed7ecc76bf840598ca97b7f"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 next-grey.93bc860.svg
www.sans.org/blog/_nuxt/img/ 1 KB
849 B 233ms
162ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/blog/_nuxt/img/next-grey.93bc860.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/_nuxt/css/01d8f63.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

df6379fe8c34adfb99a5983b564a2c050fde0b61244171c78ebdf08109379603

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/_nuxt/css/01d8f63.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22364809 2VNN RT(1717698693535 1128) q(0 0 0 -1) r(0 1)
content-length: 725
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 May 2024 23:58:30 GMT
etag: W/"87d2e36c53ab1a37eef9729d41c619e5"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 arrow-thin-right.4f7feec.svg
www.sans.org/blog/_nuxt/img/ 2 KB
1 KB 330ms
260ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/blog/_nuxt/img/arrow-thin-right.4f7feec.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/_nuxt/css/01d8f63.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a03e27429c0cd9800688f0f1b05e63e24aca8f15730bf883be67e38b71ccc7fd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/_nuxt/css/01d8f63.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22364813 2VNN RT(1717698693535 1228) q(0 0 0 -1) r(1 1)
content-length: 922
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 May 2024 23:58:29 GMT
etag: W/"d695c952b933929c6567d3d061f0f955"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 twitter-blue.e6b7ff2.svg
www.sans.org/blog/_nuxt/img/ 2 KB
1 KB 312ms
241ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/blog/_nuxt/img/twitter-blue.e6b7ff2.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/_nuxt/css/73d693c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d59cda6ae875b8433274d066cfe5d5d42aa5090755abac3a48b5939bfa79bf2e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/_nuxt/css/73d693c.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22364802 2VNN RT(1717698693535 1231) q(0 0 0 -1) r(1 1)
content-length: 1040
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 May 2024 23:58:30 GMT
etag: W/"9bef969fb863c4281c00bb1211092cb8"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 facebook-blue.fbb90bb.svg
www.sans.org/blog/_nuxt/img/ 1 KB
718 B 313ms
243ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/blog/_nuxt/img/facebook-blue.fbb90bb.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/_nuxt/css/73d693c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c00f9dc81a56d6a9ff84c25d8c7f22c3712dd8fee84754e2a6ae44182c091996

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/_nuxt/css/73d693c.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22352555 2VNN RT(1717698693535 1232) q(0 0 0 -1) r(1 1)
content-length: 594
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 May 2024 23:58:29 GMT
etag: W/"93defae861d9dfebc162c3e80e2b8a60"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 youtube-blue.531e101.svg
www.sans.org/blog/_nuxt/img/ 4 KB
2 KB 328ms
259ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/blog/_nuxt/img/youtube-blue.531e101.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/_nuxt/css/73d693c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

76e987438e99c6477838308a149d379d791c4e9692e53f15627d68b5d93cd999

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/_nuxt/css/73d693c.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22364824 2VNN RT(1717698693535 1233) q(0 0 0 -1) r(0 1)
content-length: 1794
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 May 2024 23:58:30 GMT
etag: W/"89a0b71d2580a9e3806d565f33d22b99"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 linkedin-blue.6a18be7.svg
www.sans.org/blog/_nuxt/img/ 1 KB
803 B 411ms
342ms Image
image/svg+xml 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/blog/_nuxt/img/linkedin-blue.6a18be7.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/_nuxt/css/73d693c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3332992e96bc009b7a3acfd8484ea65a8b07649aad73abbac8d4973952d93604

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/_nuxt/css/73d693c.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22364809 2VNN RT(1717698693535 1233) q(0 1 1 -1) r(1 1)
content-length: 679
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 May 2024 23:58:29 GMT
etag: W/"26f7a680215b7b77cd63af3eb0821b91"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: image/svg+xml
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v11/ 44 KB
45 KB 210ms
0ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/_nuxt/css/01d8f63.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Origin: https://www.sans.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 23:13:49 GMT
x-content-type-options: nosniff
age: 242266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45416
x-xss-protection: 0
last-modified: Mon, 22 Jul 2019 19:26:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Jun 2025 23:13:49 GMT

GET
H2 200 ClearSans-Regular.b987360.woff2
www.sans.org/blog/_nuxt/fonts/ 44 KB
44 KB 251ms
158ms Font
font/woff2 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/blog/_nuxt/fonts/ClearSans-Regular.b987360.woff2

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/_nuxt/css/01d8f63.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

602358d68544ed2d54986ebd6ae716461cd6d68433e99f2e1ca63d2a284034c3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/_nuxt/css/01d8f63.css
Origin: https://www.sans.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-cdn: Imperva
x-iinfo: 8-22364779-22358643 2VNN RT(1717698693535 1249) q(0 1 1 -1) r(1 1)
content-length: 44664
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 May 2024 23:25:06 GMT
etag: "4dd5d02bf54ad96ae7d03bf6cef6a966"
expect-ct: max-age=86400, enforce
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: font/woff2
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 ClearSans-Bold.e87c5b4.woff2
www.sans.org/blog/_nuxt/fonts/ 43 KB
43 KB 285ms
192ms Font
font/woff2 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/blog/_nuxt/fonts/ClearSans-Bold.e87c5b4.woff2

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/_nuxt/css/01d8f63.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a5e810c538d9ac115faaaa527625164da813013d225ad8b3f7bf19a3ccc409f2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/_nuxt/css/01d8f63.css
Origin: https://www.sans.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-cdn: Imperva
x-iinfo: 8-22364779-22364802 2VNN RT(1717698693535 1251) q(0 1 1 -1) r(1 1)
content-length: 44176
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 May 2024 23:25:06 GMT
etag: "76687bf10bd465fe4da2b0a2b52a7b7a"
expect-ct: max-age=86400, enforce
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: font/woff2
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:04 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v11/ 46 KB
46 KB 214ms
0ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/_nuxt/css/01d8f63.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Origin: https://www.sans.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:18:21 GMT
x-content-type-options: nosniff
age: 187994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46988
x-xss-protection: 0
last-modified: Mon, 22 Jul 2019 19:27:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:18:21 GMT

GET
H2 200 jizYRExUiTo99u79D0e0x8mI.woff2
fonts.gstatic.com/s/ptsans/v11/ 41 KB
42 KB 255ms
40ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizYRExUiTo99u79D0e0x8mI.woff2

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/_nuxt/css/01d8f63.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a90c9a418d43701a0a915c62bdb57f7e5015dfc10654aef67179fc32652ec0f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Origin: https://www.sans.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:19:46 GMT
x-content-type-options: nosniff
age: 187909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42460
x-xss-protection: 0
last-modified: Mon, 22 Jul 2019 19:28:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:19:46 GMT

GET
H2 200 b943c60c-995d-4bbc-943e-56b9f742642c.json Show response
cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/ 5 KB
2 KB 172ms
39ms XHR
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/b943c60c-995d-4bbc-943e-56b9f742642c.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35f5a03311e00163c04e1feaed930f92468fec214b0c7df2915eeb4391d87c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 06 Jun 2024 18:31:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 43120
content-md5: DcfiEr2v06NzyzkGlFWWYA==
content-length: 1721
x-ms-lease-status: unlocked
last-modified: Wed, 13 Dec 2023 19:33:16 GMT
server: cloudflare
etag: 0x8DBFC125A8AA9D4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3bbcd25e-b01e-0058-3c57-79e1dc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88fa7aecac509a12-FRA
expires: Fri, 07 Jun 2024 18:31:35 GMT

GET
H2 200 _Incapsula_Resource
www.sans.org/ 1 B
41 B 202ms
121ms Image
text/plain 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/_Incapsula_Resource?SWKMTFSR=1&e=0.6024256884824073

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: text/plain
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
x-xss-protection: 1; mode=block

POST
H2 201 tp2 Show response
api.sans.org/event-stream/collect/snowplow/com.snowplowanalytics.snowplow/ 0
928 B 544ms
506ms XHR
application/json 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sans.org/event-stream/collect/snowplow/com.snowplowanalytics.snowplow/tp2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@snowplow/javascript-tracker@3.5.0/dist/sp.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; upgrade-insecure-requests;
Strict-Transport-Security	includeSubdomains; preload; max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Thu, 06 Jun 2024 18:31:36 GMT
strict-transport-security: includeSubdomains; preload; max-age=31536000
x-content-type-options: nosniff
x-amzn-remapped-content-length: 0
x-cdn: Imperva
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; upgrade-insecure-requests;
x-amzn-requestid: fb724126-7107-4ed1-89d7-ae528618501e
x-amzn-remapped-connection: keep-alive
x-iinfo: 12-13873099-13873105 NNNN CT(103 268 0) RT(1717698695062 29) q(0 0 4 1) r(5 5) U24
x-amz-apigw-id: Y9UFVGqHoAMFs8w=
content-length: 0
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amzn-trace-id: Root=1-66620088-6ac2380f585f434814e38ce2
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.sans.org
access-control-allow-credentials: true
x-amzn-remapped-date: Thu, 06 Jun 2024 18:31:36 GMT

OPTIONS
H2 204 tp2
api.sans.org/event-stream/collect/snowplow/com.snowplowanalytics.snowplow/ Frame 0
0 600ms
286ms Preflight
application/json 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sans.org/event-stream/collect/snowplow/com.snowplowanalytics.snowplow/tp2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; upgrade-insecure-requests;
Strict-Transport-Security	includeSubdomains; preload; max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.sans.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Referer,User-Agent,sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.sans.org
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; upgrade-insecure-requests;
content-type: application/json
date: Thu, 06 Jun 2024 18:31:35 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: includeSubdomains; preload; max-age=31536000
vary: Origin
x-amz-apigw-id: Y9UFPE2goAMFYNQ=
x-amzn-requestid: 52dbb393-9b38-4e73-8c3e-c2f856427262
x-amzn-trace-id: Root=1-66620087-1c9acc6b55e2636b0e405773
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-iinfo: 11-12262279-12262348 NNNN CT(97 100 0) RT(1717698694522 162) q(0 0 2 0) r(3 3) U24
x-xss-protection: 1; mode=block

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/e056da8e/www-widgetapi.vflset/ 37 KB
13 KB 138ms
0ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e056da8e/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b29d787e8c5413c10ab04c5bb44ba272b76f725cc5c680593cd8c52f1c7c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 14:01:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12603
x-xss-protection: 0
last-modified: Tue, 04 Jun 2024 05:00:05 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Jun 2025 14:01:12 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
305 B 499ms
15ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
accept: application/json
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 88fa7af00cce1989-FRA
access-control-allow-headers: Content-Type

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
947 B 369ms
82ms Script
text/javascript 172.217.23.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/_nuxt/a7e8ba8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f100.1e100.net

Software

GSE /

Resource Hash

f6cf571e0e071f2a0242af86e593ac828fb1ec9f2444a5225b3f385f9792d33f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 06 Jun 2024 18:31:35 GMT

GET
H2 200 7d122c6.js Show response
www.sans.org/blog/_nuxt/ 68 KB
21 KB 250ms
169ms Script
text/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/blog/_nuxt/7d122c6.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/_nuxt/c03d60b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

15a25f4ec865e2373653f7556651e47d1b1d0b418bfd61f2ad7135362da9ba0e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
x-iinfo: 8-22364779-22364809 2VNN RT(1717698693535 1640) q(0 0 0 -1) r(1 1)
content-length: 21717
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 May 2024 23:58:29 GMT
etag: W/"75899453940ff5cb2ac474c4324a18ee"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
content-type: text/javascript
cache-control: max-age=30, public
expires: Thu, 06 Jun 2024 18:32:05 GMT

GET 20xYpxe8mBg
www.youtube.com/embed/ Frame E637 0
0

GET AcPnOfXoqIg
www.youtube.com/embed/ Frame 8538 0
0

GET f-fMdnUW4X4
www.youtube.com/embed/ Frame 0A87 0
0

GET gZrU2X1Q5OA
www.youtube.com/embed/ Frame EE62 0
0

GET NCO9F7U3d6c
www.youtube.com/embed/ Frame B198 0
0

GET XxjeRuwRyOw
www.youtube.com/embed/ Frame E898 0
0

GET JWC7fzhvAY8
www.youtube.com/embed/ Frame 1559 0
0

GET opdVFQEBCNU
www.youtube.com/embed/ Frame 05CE 0
0

GET
H2 200 image_1.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltef2bd987a37a4628/5ff71335b721aa1cd8dc4822/ 165 KB
0 29ms
29ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltef2bd987a37a4628/5ff71335b721aa1cd8dc4822/image_1.jpg
Requested by: Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: fb813c191c13a11cf9dfafa7d76e4e7d7e64cf1376e6521a6ac214ad34ef6d8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300702
x-cache: HIT, HIT
fastly-io-info: ifsz=169585 idim=2560x1085 ifmt=jpeg ofsz=169455 odim=2560x1085 ofmt=jpeg
content-disposition: inline; filename=image_1.jpg
fastly-stats: io=1
content-length: 169455
fastly-io-warning: Failed to shrink image
x-served-by: cache-sjc10025-SJC, cache-fra-etou8220023-FRA
x-runtime: 112ms
x-request-id: 5a2f2da752202916843641075a1f35a8
server: contentstack
x-timer: S1717698695.500521,VS0,VE149
x-contentstack-organization: blt848504a4924ca8db
etag: "m2yvphSt7tPnHoLc5/2Aoeu865JmTyeNVZmCOaD/5mI"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 19, 0

GET
H2 200 image_2.png
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt6e8cea95971c33a0/5ff71362b08361084bffd9a8/ 275 KB
0 30ms
30ms Image
image/png 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt6e8cea95971c33a0/5ff71362b08361084bffd9a8/image_2.png
Requested by: Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: 8172ace442390f75debfa116d77bde3bb321ac1b667edb7d08a4aae13d6a4516

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:34 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300702
x-cache: HIT, HIT
fastly-io-info: ifsz=281599 idim=2048x1456 ifmt=png ofsz=281599 odim=2048x1456 ofmt=png
content-disposition: inline; filename=image_2.png
fastly-stats: io=1
content-length: 281599
fastly-io-warning: Failed to shrink image
x-served-by: cache-sjc10079-SJC, cache-fra-etou8220023-FRA
x-runtime: 110ms
x-request-id: 3922e19740a77428ffa3841267762b67
server: contentstack
x-timer: S1717698695.500511,VS0,VE1
x-contentstack-organization: blt848504a4924ca8db
etag: "E/SwqbyPmxEm8vR5j9gCOZpDJY0F4aN21U9Sg6uexcw"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202311.1.0/ 427 KB
103 KB 34ms
26ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35b480df2d3690b7262690598f87598bc6e3ab6303e94911f2c1b77a721d7b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 06 Jun 2024 18:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: VX4GCwjZuARQMrKdtn0EoA==
age: 1811
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 105136
x-ms-lease-status: unlocked
last-modified: Wed, 06 Mar 2024 17:32:15 GMT
server: cloudflare
etag: 0x8DC3E035D45F30B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e0e65e29-a01e-00a0-1a5a-70bd22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88fa7af1fcdb3645-FRA

GET
H3 200 20xYpxe8mBg
www.youtube.com/embed/ Frame E637 0
0 157ms
93ms Document
text/html 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/20xYpxe8mBg?enablejsapi=1&origin=https%3A%2F%2Fwww.sans.org

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/otSDKStub.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.sans.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jun 2024 18:31:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AcPnOfXoqIg
www.youtube.com/embed/ Frame 8538 0
0 160ms
96ms Document
text/html 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/AcPnOfXoqIg?enablejsapi=1&origin=https%3A%2F%2Fwww.sans.org

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/otSDKStub.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.sans.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jun 2024 18:31:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 f-fMdnUW4X4
www.youtube.com/embed/ Frame 0A87 0
0 139ms
76ms Document
text/html 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/f-fMdnUW4X4?enablejsapi=1&origin=https%3A%2F%2Fwww.sans.org

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/otSDKStub.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.sans.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jun 2024 18:31:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gZrU2X1Q5OA
www.youtube.com/embed/ Frame EE62 0
0 190ms
127ms Document
text/html 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/gZrU2X1Q5OA?enablejsapi=1&origin=https%3A%2F%2Fwww.sans.org

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/otSDKStub.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.sans.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jun 2024 18:31:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 NCO9F7U3d6c
www.youtube.com/embed/ Frame B198 0
0 189ms
125ms Document
text/html 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/NCO9F7U3d6c?enablejsapi=1&origin=https%3A%2F%2Fwww.sans.org

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/otSDKStub.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.sans.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jun 2024 18:31:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 XxjeRuwRyOw
www.youtube.com/embed/ Frame E898 0
0 170ms
107ms Document
text/html 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/XxjeRuwRyOw?enablejsapi=1&origin=https%3A%2F%2Fwww.sans.org

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/otSDKStub.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.sans.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jun 2024 18:31:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 JWC7fzhvAY8
www.youtube.com/embed/ Frame 1559 0
0 161ms
98ms Document
text/html 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/JWC7fzhvAY8?enablejsapi=1&origin=https%3A%2F%2Fwww.sans.org

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/otSDKStub.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.sans.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jun 2024 18:31:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 opdVFQEBCNU
www.youtube.com/embed/ Frame 05CE 0
0 178ms
115ms Document
text/html 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/opdVFQEBCNU?enablejsapi=1&origin=https%3A%2F%2Fwww.sans.org

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/otSDKStub.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.sans.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jun 2024 18:31:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/ 515 KB
205 KB 192ms
8ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdcf5ef19dcd3005f0369e3482b28be21a70496f2d045f5a4a15d64523018a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Origin: https://www.sans.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 04:10:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 209755
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 04:00:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Jun 2025 04:10:24 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/62b7bc3f-bec8-467f-8c63-dc25b1746d27/ 60 KB
15 KB 34ms
33ms Fetch
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b943c60c-995d-4bbc-943e-56b9f742642c/62b7bc3f-bec8-467f-8c63-dc25b1746d27/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b47d7a627162cd0e68a6afa7c140cdc2cf1324bb03e4d9d23ae880121aae92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 06 Jun 2024 18:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 33517
content-md5: w2iatU1xF63gjOQ4uTHrhQ==
content-length: 14706
x-ms-lease-status: unlocked
last-modified: Wed, 13 Dec 2023 19:33:20 GMT
server: cloudflare
etag: 0x8DBFC125CFB2796
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 380b3180-a01e-006b-2157-79be77000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88fa7af32da49a12-FRA
expires: Fri, 07 Jun 2024 18:31:36 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame BDAD 0
0 93ms
47ms Document
text/html 172.217.23.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRaE8aAAAAAOB9CLy-hHWeafmpvmYkeMpCXrWO&co=aHR0cHM6Ly93d3cuc2Fucy5vcmc6NDQz&hl=de&v=9pvHvq7kSOTqqZusUzJ6ewaF&size=invisible&cb=5alyjps7cad6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f100.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tfIYA64JbmK3j_dMtANUAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.sans.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-tfIYA64JbmK3j_dMtANUAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 06 Jun 2024 18:31:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 otFloatingRoundedIcon.json Show response
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/ 16 KB
4 KB 70ms
14ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otFloatingRoundedIcon.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc8c8031a5ede4d5c2c26b4cdee74bc0e29e2c8a1c6e6062b7a0a8337abfcb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 06 Jun 2024 18:31:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 6X8Y/xb1eFFrWo3MDi/sjw==
age: 64109
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3829
x-ms-lease-status: unlocked
last-modified: Wed, 06 Mar 2024 17:32:08 GMT
server: cloudflare
etag: 0x8DC3E03597C5A4C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2fcfb04a-c01e-000f-057e-704fef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88fa7af45f559a12-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202311.1.0/assets/ 21 KB
4 KB 76ms
20ms Fetch
text/css 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 06 Jun 2024 18:31:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 78511
x-ms-lease-status: unlocked
last-modified: Wed, 06 Mar 2024 17:32:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6bd7188f-c01e-0089-581d-708356000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 88fa7af45f599a12-FRA

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 109ms
52ms Image
image/svg+xml 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.sans.org
URL: https://www.sans.org/blog/how-you-can-start-learning-malware-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 06 Jun 2024 18:31:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 10638
x-ms-lease-status: unlocked
last-modified: Thu, 06 Jun 2024 02:06:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 92106bbc-c01e-0052-05c1-b75c9b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 88fa7af4f8df3645-FRA

GET
H2 200 cropped-SANS-Blue-Square-32x32.png
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt2f0555dca45e068f/60a7f26ea450c25ac83cf8f6/ 935 B
1 KB 9ms
9ms Other
image/png 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt2f0555dca45e068f/60a7f26ea450c25ac83cf8f6/cropped-SANS-Blue-Square-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: contentstack /
Resource Hash: bedaa7c98fc593dbe10a8d3825cb9910f8436dfb90450fda921ba2966a2c740e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.sans.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:31:39 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-haf2300709
x-cache: HIT, HIT
fastly-io-info: ifsz=1126 idim=32x32 ifmt=png ofsz=935 odim=32x32 ofmt=png
content-disposition: inline; filename=cropped-SANS-Blue-Square-32x32.png
fastly-stats: io=1
content-length: 935
x-request-id: 26600ea4b85e47ca3fc127eee98a7a1d
x-served-by: cache-sjc10040-SJC, cache-fra-etou8220023-FRA
x-runtime: 87ms
server: contentstack
x-timer: S1717698699.283578,VS0,VE2
x-contentstack-organization: blt848504a4924ca8db
etag: "0UgNkq5Vh0vzcW4qaVHRvvhAOXYsvromPAg0fKVporo"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 12, 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/embed/20xYpxe8mBg

Domain: www.youtube.com
URL: https://www.youtube.com/embed/AcPnOfXoqIg

Domain: www.youtube.com
URL: https://www.youtube.com/embed/f-fMdnUW4X4

Domain: www.youtube.com
URL: https://www.youtube.com/embed/gZrU2X1Q5OA

Domain: www.youtube.com
URL: https://www.youtube.com/embed/NCO9F7U3d6c

Domain: www.youtube.com
URL: https://www.youtube.com/embed/XxjeRuwRyOw

Domain: www.youtube.com
URL: https://www.youtube.com/embed/JWC7fzhvAY8

Domain: www.youtube.com
URL: https://www.youtube.com/embed/opdVFQEBCNU

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sans.org/	1970-01-21 05:53:18	Name: visid_incap_1329355 Value: Nk8bJAl2T6aPGMcN2nS3coUAYmYAAAAAQUIPAAAAAAAguJZfQi+6JnsdiCQrpgkV
.sans.org/	1969-12-31 23:59:59	Name: nlbi_1329355_2083615 Value: 4V+NWQO5Pg8zE40HOuH6GQAAAADmb3zKVcGaC0Lvnkvln5lB
.sans.org/	1969-12-31 23:59:59	Name: incap_ses_489_1329355 Value: 8dbvEg0vcxqcz6m4/UbJBoUAYmYAAAAAvTH8fwLE8bG2V6aKvFICkQ==
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: lMletJ8WJNo
.youtube.com/	1970-01-21 01:27:30	Name: VISITOR_INFO1_LIVE Value: ZIA6Uy_jXZA
.youtube.com/	1970-01-21 01:27:30	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgDg%3D%3D
.sans.org/	1970-01-20 21:08:20	Name: spses.6b32 Value: *
.sans.org/	1970-01-21 06:44:18	Name: spid.6b32 Value: 32b193c6-d23f-4f66-be3a-05549085ee00.1717698695.1.1717698695..c2e3f0cf-df9d-4e62-a08c-8d3cb1f5bb5d..6c9ea4c3-fccc-4fc0-bafa-9c5a810efe6b.1717698695092.1
api.sans.org/	1970-01-21 05:52:42	Name: visid_incap_2809573 Value: TyCIfAlgRO6IOq1C3GFmHoYAYmYAAAAAQUIPAAAAAADTucGWao/gB1iqYEnozhp3
api.sans.org/	1969-12-31 23:59:59	Name: nlbi_2809573_2682479 Value: o0SOJQ90rWJQlvj44LPcvAAAAAA+IFwiJfWO5p/n1GHP2Gzx
api.sans.org/	1969-12-31 23:59:59	Name: incap_ses_108_2809573 Value: 0BseCKSdODgHsWR2ibF/AYcAYmYAAAAAE2aq+tAubDN3LSeNB4wxEg==
.sans.org/	1970-01-21 05:53:54	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Jun+06+2024+20%3A31%3A36+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202311.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.sans.org%2Fblog%2Fhow-you-can-start-learning-malware-analysis%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.youtube.com/s/player/e056da8e/www-widgetapi.vflset/www-widgetapi.js(Line 252) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://www.sans.org').
security	warning	URL: https://www.youtube.com/s/player/e056da8e/www-widgetapi.vflset/www-widgetapi.js(Line 252) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://www.sans.org').
security	warning	URL: https://www.youtube.com/s/player/e056da8e/www-widgetapi.vflset/www-widgetapi.js(Line 252) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://www.sans.org').
security	warning	URL: https://www.youtube.com/s/player/e056da8e/www-widgetapi.vflset/www-widgetapi.js(Line 252) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://www.sans.org').
security	warning	URL: https://www.youtube.com/s/player/e056da8e/www-widgetapi.vflset/www-widgetapi.js(Line 252) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://www.sans.org').
security	warning	URL: https://www.youtube.com/s/player/e056da8e/www-widgetapi.vflset/www-widgetapi.js(Line 252) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://www.sans.org').
security	warning	URL: https://www.youtube.com/s/player/e056da8e/www-widgetapi.vflset/www-widgetapi.js(Line 252) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://www.sans.org').
security	warning	URL: https://www.youtube.com/s/player/e056da8e/www-widgetapi.vflset/www-widgetapi.js(Line 252) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://www.sans.org').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://registration.sans.org http://learnmore.sans.org https://learnmore.sans.org https://uat-www.sans.org https://qa-www.sans.org
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW FROM https://uat-www.sans.org http://learnmore.sans.org https://shift7-sans.cs67.force.com https://registration.sans.org https://qa-www.sans.org
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

addsearch.com
api.sans.org
cdn.cookielaw.org
cdn.evgnet.com
cdn.jsdelivr.net
cdn.optimizely.com
fonts.gstatic.com
geolocation.onetrust.com
images.contentstack.io
www.google.com
www.googletagmanager.com
www.gstatic.com
www.sans.org
www.youtube.com
www.youtube.com
151.101.2.137
151.101.64.114
172.217.18.14
172.217.23.100
2606:4700:4400::ac40:9b77
2606:4700::6813:b134
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2003
2a00:1450:4001:828::2008
2a02:26f0:3500:889::13b8
2a04:4e42::485
45.60.31.34
45.60.33.34
99.80.22.109
02341acfd22526ad4569d86455a9c94ab08194bd40f329df6577362aa9fe78ee
0291038e1dab29b2b5d6ee42c102c6249b47e141ac84a88e5b335236474ac129
069231b573c1732783d33f721171bf0ec5b3ca5542330812deedd60da67f46cd
0712f5066465e22122eccd03614519bd1cabf74ccfb5b538ce925dd39cdd62cd
0873846067a6eb91eb7a14022dfc9bced3956d289783c72bd07062b839183dfe
0893fc9a1a9e206a2d84e197e9939047407c19e4a1756abb3f0c994e25efec83
0ddf1c3008869a04f57100949a5540f5cd285d893181070e68ae3d051e97c290
0e7dcd24f724760d2fc0950cb5343c41a414499feb22339cb69d4a3101b2684b
136001035e2775b18774afa1f03f2065b344bfefa049ba324f563bf6b652e309
15a25f4ec865e2373653f7556651e47d1b1d0b418bfd61f2ad7135362da9ba0e
16fb712a9c6a9a44944c45f2991d4c25aebb05d563488e03661b0242de1828e2
1bc1aa4f3c52e6ba40cbc24ddd47e1993f276757a2c2a0ab5d33d4c157102303
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
23c1cfddf61314c8d732e8e25b97927101d424092153a2cd7dbb51c82e285bff
3332992e96bc009b7a3acfd8484ea65a8b07649aad73abbac8d4973952d93604
35b480df2d3690b7262690598f87598bc6e3ab6303e94911f2c1b77a721d7b49
35f5a03311e00163c04e1feaed930f92468fec214b0c7df2915eeb4391d87c1d
37cba10e43067a0214b42d54d09875849f601a914a463c0c1fcacd299070396b
3faf06748feaa1c7bc8d9d84d262d209c9c47005cbc5be246743b32e2490d7f8
43253d42f698553e37abdcf7235cc4124fec1566f4c62226b3d81d24108651f2
47b29d787e8c5413c10ab04c5bb44ba272b76f725cc5c680593cd8c52f1c7c95
4a6d06db00567b9cc14987d0002552637832387cf47a1dcd7dfd83fa607a2ab2
4d4f93a787526851cc67ea2a708a3b7598ba468c09f5dae081db0d5283338d50
5269122827487da84f83f9e6220cbf2024ab507573a1f77ec9b44724e67af340
54d670a4f200d8314a0935b6a4d1fdde99bd04ec56abc2f3d86ebef27a4c37e4
5b486c802e9077063a6c7a3e3509cb0b240d42c9741a6178fd111e696c3e0939
602358d68544ed2d54986ebd6ae716461cd6d68433e99f2e1ca63d2a284034c3
64972ce2be4d046088bdcdb35b6122ab05c0ecb84c7a94e29ba4822ed9d3b157
6f2b9b7cbdf27e8f4d2a8d9d6a8ddf2eb1149e2b0f79a85027ff04d1cebe5521
76039a26bb3656600240ac08bc5f0ce450661977af129ab9c746ea4efe45a1a0
76e987438e99c6477838308a149d379d791c4e9692e53f15627d68b5d93cd999
76ea84631ebf1cc584cea8df1bd708db574b2871e5e8c00af33fdea72fc325b2
78ca04ceaa354592535991dc60ee768438f0ee7ced1224c5b8e8bd5e5a24898c
7d30435414031894c25be74ea98bde63a851f84e547ea6d942b21f1f0a37e233
8172ace442390f75debfa116d77bde3bb321ac1b667edb7d08a4aae13d6a4516
86389610caa1d1ee1bb9b3a1d438f331a35f4fd3c92febe62ee5e9f9ec4f5622
872fb329acdd644c07d450ed141fcf32c93dca871fb970390bc5d29780d8679f
8c1d20eedda5c5fd996d82d5d3b87a3a6da24735fe96458bff21d13d3cc1d1e1
8d3e2321f6291c79830f86d5e84eda3d40c9568f574b54a159c350f7b300aaa5
8d501c87ecf6a67ba39e5a8a05dc89e7456680b2a5260e6439e05724cf42a75e
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
99755c96c0916d2ddb174b63841608ab51faf2830a6d7f2b5d76580bf1c2d17c
9b47d7a627162cd0e68a6afa7c140cdc2cf1324bb03e4d9d23ae880121aae92b
9c7bfc5c392363cb47ac4b884d58651676552d93a4118e8bcc291b6847056bc3
a03e27429c0cd9800688f0f1b05e63e24aca8f15730bf883be67e38b71ccc7fd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0aa5707b114579a33f6bd2f1e5bdb28399e0a76431d31c34733664a8b6e2b8f
a45aa8ee64d02baed1f62b6d8d2fcc1e87599ab85f729375d8eff8a6a3765b0b
a5e810c538d9ac115faaaa527625164da813013d225ad8b3f7bf19a3ccc409f2
a63b3af3324cd164b3f2ebe1417128a7d79cbbd0e06f26d98b308121d8717b71
a90c9a418d43701a0a915c62bdb57f7e5015dfc10654aef67179fc32652ec0f2
a95a1bdf7f0e11cf9b9d8c81939f715d4b0ccc0fa513f738dc7e5b34fabd6585
b698a7613b5699ab82438105b51d1391ffa6103ce23ad2068e7f66479d1e2baf
be3b161eca24051313cc59d561426001989e585ef63bfb64336994902d2322c9
bedaa7c98fc593dbe10a8d3825cb9910f8436dfb90450fda921ba2966a2c740e
bef02a2c378df97989afc302193acdef232f8292e763c0914966bfca72c194b4
c00f9dc81a56d6a9ff84c25d8c7f22c3712dd8fee84754e2a6ae44182c091996
c1236d3af38b7d049eca1f27f6b2a7acedbf1d6168cee99138ab4730a24fdd6d
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d489576bac06d30112558279010ed19408cdc0bc868bda0f91378141356023af
d59cda6ae875b8433274d066cfe5d5d42aa5090755abac3a48b5939bfa79bf2e
dc8c8031a5ede4d5c2c26b4cdee74bc0e29e2c8a1c6e6062b7a0a8337abfcb6a
df6379fe8c34adfb99a5983b564a2c050fde0b61244171c78ebdf08109379603
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bc655e138c07f24562a8384d5731727db12d451a2304088c9cf155ee9c2d6a
e3cc9aa7909665e4bb5f8f0955aee63ffc60a14f9baf562ff1f3e49a6fee71c5
f6cf571e0e071f2a0242af86e593ac828fb1ec9f2444a5225b3f385f9792d33f
f781c8b3a9f20777c3fc72b4fb51c8556d358f016b772c302ec23330b9c32589
fb813c191c13a11cf9dfafa7d76e4e7d7e64cf1376e6521a6ac214ad34ef6d8a
fdcf5ef19dcd3005f0369e3482b28be21a70496f2d045f5a4a15d64523018a1d

www.sans.org Open in urlscan Pro 45.60.31.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

99 Requests

92 %HTTPS

53 %IPv6

12 Domains

14 Subdomains

16 IPs

3 Countries

2832 kBTransfer

7270 kBSize

12 Cookies

55 Outgoing links

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sans.org Open in urlscan Pro
45.60.31.34 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

92 %
HTTPS

53 %
IPv6

12
Domains

14
Subdomains

16
IPs

3
Countries

2832 kB
Transfer

7270 kB
Size

12
Cookies

99 HTTP transactions
3 data transactions