www.dshield.org Open in urlscan Pro
159.223.154.178 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.dshield.org/
Effective URL:
https://www.dshield.org/
Submission: On April 12 via manual (April 12th 2023, 3:10:37 pm UTC) from TR — Scanned from DE

Summary HTTP 53 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 53 HTTP transactions. The main IP is 159.223.154.178, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.dshield.org. The Cisco Umbrella rank of the primary domain is 313022.
TLS certificate: Issued by R3 on April 5th 2023. Valid for: 3 months.

This is the only time www.dshield.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	159.223.154.178 159.223.154.178	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
20	45.60.103.34 45.60.103.34	19551 (INCAPSULA) (INCAPSULA)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
53	5

31 159.223.154.178 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: mail2.dshield.org

www.dshield.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 45.60.103.34 (United States)

ASN19551 (INCAPSULA, US)

isc.sans.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	dshield.org www.dshield.org — Cisco Umbrella Rank: 313022	1 MB
20	sans.edu isc.sans.edu — Cisco Umbrella Rank: 112180	879 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	25 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	89 KB
53	4

	Domain	Requested by
31	www.dshield.org	www.dshield.org isc.sans.edu
20	isc.sans.edu	www.dshield.org
1	cdn.jsdelivr.net	www.googletagmanager.com
1	www.googletagmanager.com	www.dshield.org
53	4

This site contains links to these domains. Also see Links.

Domain
isc.sans.edu
bazaar.abuse.ch
www.netresec.com
twitter.com
msrc.microsoft.com
patchtuesdaydashboard.com
morphuslabs.com
ow.ly
github.com
blog.didierstevens.com
infosec.exchange
creativecommons.org
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
dshield.org R3	`2023-04-05` - `2023-07-04`	3 months	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-15` - `2023-06-13`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.dshield.org/
Frame ID: 2A46E55279940DA40A650E7698E17DFB
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SANS.edu Internet Storm Center - SANS Internet Storm Center

Page URL History Show full URLs

http://www.dshield.org/ HTTP 307
https://www.dshield.org/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

53
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

2265 kB
Transfer

2522 kB
Size

7
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://isc.sans.edu/diaryimages/images/2023-04-12-ISC-diary-image-00.jpg

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/diaryimages/images/2023-04-12-ISC-diary-image-01.jpg

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/diaryimages/images/2023-04-12-ISC-diary-image-02.jpg

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/diaryimages/images/2023-04-12-ISC-diary-image-03.jpg

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/diaryimages/images/2023-04-12-ISC-diary-image-04.jpg

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/diaryimages/images/2023-04-12-ISC-diary-image-05.jpg

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/diaryimages/images/2023-04-12-ISC-diary-image-06.jpg

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/6d07c2e05e76dd17f1871c206e92f08b69c5a7804d646e5f1e943a169a8c50ee/
Title: 6d07c2e05e76dd17f1871c206e92f08b69c5a7804d646e5f1e943a169a8c50ee

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/59e0f6e9c4ce2ab8116049d59525c6391598f2def4125515d86b61822926784f/
Title: 59e0f6e9c4ce2ab8116049d59525c6391598f2def4125515d86b61822926784f

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/52d3dd78d3f1a14e18d0689ed8c5b43372f9e76401ef1ff68522575e6251d2cf/
Title: 52d3dd78d3f1a14e18d0689ed8c5b43372f9e76401ef1ff68522575e6251d2cf

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/54d064799115f302a66220b3d0920c1158608a5ba76277666c4ac532b53e855f/
Title: 54d064799115f302a66220b3d0920c1158608a5ba76277666c4ac532b53e855f

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/dbf233743eb74ab66af8d1c803f53b7fe313ed70756efcc795ea4082c2f3c0c8/
Title: dbf233743eb74ab66af8d1c803f53b7fe313ed70756efcc795ea4082c2f3c0c8

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/5953f8f23092714626427316dd66ff2e160f03d2c57dcb1a4745d2e593c907ae/
Title: 5953f8f23092714626427316dd66ff2e160f03d2c57dcb1a4745d2e593c907ae

Search URL Search Domain Scan URL

URL: https://www.netresec.com/?page=Blog&month=2022-10&post=IcedID-BackConnect-Protocol
Title: IcedID BackConnect traffic

Search URL Search Domain Scan URL

URL: https://twitter.com/Unit42_Intel/status/1645851799427874818
Title: reference

Search URL Search Domain Scan URL

URL: https://twitter.com/malware_traffic/status/1645862110931611649
Title: reference

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-28252
Title: CVE-2023-28252

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21554
Title: CVE-2023-21554

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-28231
Title: CVE-2023-28231

Search URL Search Domain Scan URL

URL: https://patchtuesdaydashboard.com/
Title: https://patchtuesdaydashboard.com/

Search URL Search Domain Scan URL

URL: http://morphuslabs.com/
Title: Morphus Labs

Search URL Search Domain Scan URL

URL: http://ow.ly/Nst730dJ6X3
Title: LinkedIn

Search URL Search Domain Scan URL

URL: http://ow.ly/uXqT30dJ6Tp
Title: Twitter

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/diary/Another+Malicious+HTA+File+Analysis+Part+1/29674
Title: first part

Search URL Search Domain Scan URL

URL: https://github.com/DidierStevens/DidierStevensSuite/blob/master/base64dump.py
Title: base64dump.py

Search URL Search Domain Scan URL

URL: https://blog.didierstevens.com/2023/04/10/new-tool-myjson-transform-py/
Title: myjson-transform.py

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/diary/Extra%3A%20%22String%20Obfuscation%3A%20Character%20Pair%20Reversal%22/29656
Title: "Extra: "String Obfuscation: Character Pair Reversal""

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/857217b72741e90dac37cfc2069753957841c31b224e6cd755c07833aa14dbe1/
Title: found on MalwareBazaar too

Search URL Search Domain Scan URL

URL: http://blog.didierstevens.com/
Title: blog.DidierStevens.com

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/podcast.html
Title: Stormcast

Search URL Search Domain Scan URL

URL: https://infosec.exchange/@sans_isc
Title: Mastodon

Search URL Search Domain Scan URL

URL: https://twitter.com/sans_isc
Title: Twitter

Search URL Search Domain Scan URL

URL: https://creativecommons.org/licenses/by-nc-sa/4.0/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCfbOsqPmWg1H_34hTjKEW2A

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/groups?gid=35470

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.dshield.org/ HTTP 307
https://www.dshield.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.dshield.org/
Redirect Chain

http://www.dshield.org/
https://www.dshield.org/

25 KB
10 KB

1319ms
669ms

Document
text/html

159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

e9f8f792799d9a436a74a689dfcbe0f6c8d21ac773d329d26bcbc116c039125e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
content-type: text/html; charset=UTF-8
date: Wed, 12 Apr 2023 15:10:30 GMT
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
permitted-cross-domain-policies: none
referrer-policy: same-origin
server: nginx
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: same
x-heyjason: SEC522 rocks
x-isc-cdn: 6704cb8852
x-xss-protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.dshield.org/
Non-Authoritative-Reason: HSTS

GET
H2 200 screen.css
www.dshield.org/css/ 43 KB
44 KB 269ms
265ms Stylesheet
text/css 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/css/screen.css

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

23326310dbdd4beeb0b8ef0180b730d3e83e89a2cd00bb1119537a10f2b4a59f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:30 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 43735
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 09 Mar 2023 12:16:16 GMT
server: nginx
etag: "aad7-5f6769c8cf1b8"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: text/css
accept-ranges: bytes

GET
H2 200 msft.css
www.dshield.org/css/ 573 B
1 KB 443ms
439ms Stylesheet
text/css 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/css/msft.css

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

883fc965030cbe4773ce84d1280c1672f55d09990049f749e393280d8924345d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:30 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 573
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:45 GMT
server: nginx
etag: "23d-5da69f08a9af6"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: text/css
accept-ranges: bytes

GET
H2 200 fontawesome.css
www.dshield.org/css/ 46 KB
47 KB 442ms
438ms Stylesheet
text/css 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/css/fontawesome.css

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

abb60753f5c30c99820f4bbef2e96f2789e20b8a63f39b1b9975185d8e02d627

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:30 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 46943
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Tue, 22 Nov 2022 14:46:12 GMT
server: nginx
etag: "b75f-5ee103bc070e6"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: text/css
accept-ranges: bytes

GET
H2 200 v3.css
www.dshield.org/css/ 35 KB
36 KB 316ms
312ms Stylesheet
text/css 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/css/v3.css

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

b2533a8e832118cdbd21009a2f6d50f09f682f632de04ec1a314f3a4e1a3ec47

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:30 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 35755
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Sun, 05 Feb 2023 13:58:18 GMT
server: nginx
etag: "8bab-5f3f44e82f721"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: text/css
accept-ranges: bytes

GET
H2 200 bootstrap-modal.min.css
www.dshield.org/css/bootstrap-modal/ 5 KB
6 KB 443ms
439ms Stylesheet
text/css 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/css/bootstrap-modal/bootstrap-modal.min.css

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

f8e97c36779891ad251153beefb65310c9610d128bd05cb464865a248607ee1c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:30 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 4905
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:45 GMT
server: nginx
etag: "1329-5da69f0872446"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: text/css
accept-ranges: bytes

GET
H2 200 jquery-2.0.3.min.js Show response
www.dshield.org/js/ 82 KB
83 KB 444ms
440ms Script
application/javascript 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/js/jquery-2.0.3.min.js

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

3bb562814d366095a71523f38db3237ad925371b177599721ffeb923f867098a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:30 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 83614
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:52 GMT
server: nginx
etag: "1469e-5da69f0ee1b7b"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: application/javascript; charset=utf-8
accept-ranges: bytes

GET
H2 200 count.js Show response
isc.sans.edu/js/ 886 B
1 KB 571ms
180ms Script
application/javascript 45.60.103.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/js/count.js

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.103.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

522ace4616664c6f58c32821e9a0efd24dc2fdba0776727733cabc005773cff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
x-cdn: Imperva
x-iinfo: 4-201339085-0 0CNN RT(1681312229693 182) q(0 -1 -1 1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 521
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:51 GMT
server: nc -l -p 80
etag: "436-5da69f0eb77b1"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=76297, public
expires: Thu, 13 Apr 2023 12:22:06 GMT

GET
H2 200 bootstrap.min.js Show response
www.dshield.org/js/bootstrap-modal/ 6 KB
7 KB 570ms
567ms Script
application/javascript 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/js/bootstrap-modal/bootstrap.min.js

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

80bab0fce06cce9b0d11d8d7c5762706523db4da59642f4722b0811a09da41b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:30 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 6601
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:51 GMT
server: nginx
etag: "19c9-5da69f0eb3168"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: application/javascript; charset=utf-8
accept-ranges: bytes

GET
H2 200 apn.js Show response
www.dshield.org/js/ 922 B
2 KB 443ms
440ms Script
application/javascript 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/js/apn.js

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

2d877bee53288d7332ca67d58ec7221ac15b9e535531102865a7b7303c1f876b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:30 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 922
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:51 GMT
server: nginx
etag: "39a-5da69f0ead792"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: application/javascript; charset=utf-8
accept-ranges: bytes

GET
H2 200 timezone.js Show response
www.dshield.org/js/ 815 B
2 KB 569ms
566ms Script
application/javascript 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/js/timezone.js

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

8bef3fd6e85e429b19bdee05e47e8eb79bd0e3881bed4284e9e2952f9f6dd9c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:30 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 815
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:56 GMT
server: nginx
etag: "32f-5da69f1322560"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: application/javascript; charset=utf-8
accept-ranges: bytes

GET
H2 200 jquery.min.js Show response
www.dshield.org/js/ 91 KB
92 KB 443ms
441ms Script
application/javascript 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/js/jquery.min.js

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

747eae63a811c625dd72dc301ab38ba2c6f0e75d2ebb4153e6acba9c7d4d04f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:30 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 93112
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:52 GMT
server: nginx
etag: "16bb8-5da69f0eed312"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: application/javascript; charset=utf-8
accept-ranges: bytes

GET
H2 200 homepage.js Show response
www.dshield.org/js/ 6 KB
7 KB 568ms
566ms Script
application/javascript 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/js/homepage.js

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

b4409265e6df24a061d02a39dd9f38d29b53cd4c61df793ad288f8cf291c8b88

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:30 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 5710
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Mon, 06 Mar 2023 19:00:21 GMT
server: nginx
etag: "164e-5f63fe81dfbe7"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: application/javascript; charset=utf-8
accept-ranges: bytes

GET
H2 200 home.css
www.dshield.org/css/ 232 B
1 KB 267ms
266ms Stylesheet
text/css 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/css/home.css

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

b052ca028ace897abaebae2c63026a09d4de1896014b595d29d9381053964929

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:30 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 232
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:45 GMT
server: nginx
etag: "e8-5da69f0887814"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: text/css
accept-ranges: bytes

GET
H2 200 sansfireleaderboard.png
www.dshield.org/images/sansfire/ 59 KB
60 KB 386ms
385ms Image
image/png 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dshield.org/images/sansfire/sansfireleaderboard.png

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

a65ef52517712c309172a4bf1d2e2f0a2664728ce9521ba605dcb1d5a001f743

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 60437
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Wed, 12 Apr 2023 11:56:07 GMT
server: nginx
etag: "ec15-5f9224b11e480"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: image/png
accept-ranges: bytes

GET
H2 200 340x340_SANSFIRE-2023.jpg
www.dshield.org/images/sansfire/ 106 KB
107 KB 277ms
276ms Image
image/jpeg 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dshield.org/images/sansfire/340x340_SANSFIRE-2023.jpg

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

96d80f3fbc043082eb268f55be1102d3370a2c31452a55b8cc1cf0b7f61a5dcd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 108304
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Tue, 11 Apr 2023 20:26:11 GMT
server: nginx
etag: "1a710-5f9154d5bb3f6"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 cc.png
www.dshield.org/images/ 461 B
1 KB 278ms
277ms Image
image/png 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dshield.org/images/cc.png

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

e822f0984efb293dbe344fe6134c9a295a10a3fa2ecbc1695594180bdd719e9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 461
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:46 GMT
server: nginx
etag: "1cd-5da69f09c178b"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: image/png
accept-ranges: bytes

GET
H2 200 main.js Show response
www.dshield.org/js/ 3 KB
4 KB 267ms
267ms Script
application/javascript 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/js/main.js

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

c1899f311a78162fb68fac938bb683ed222024a6e426f2a12d059e53dfb07578

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 3344
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:56 GMT
server: nginx
etag: "d10-5da69f12e54cc"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: application/javascript; charset=utf-8
accept-ranges: bytes

GET
H2 200 menu.js Show response
www.dshield.org/js/ 708 B
2 KB 316ms
316ms Script
application/javascript 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/js/menu.js

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

b5ac7ec5bde333441b767cc685f5e6084f9ba37ecc12f33d2af801a6fa5afc5b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 708
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Fri, 08 Jul 2022 20:12:59 GMT
server: nginx
etag: "2c4-5e350d41b8c3a"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: application/javascript; charset=utf-8
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 314 KB
89 KB 135ms
55ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5T9DW3B

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bac5cd118f92103c6e00c57a3f363e613d8c2af85ba07abe50d9aeb993bc2c09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90618
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Apr 2023 15:10:30 GMT

GET
H2 200 count Show response
www.dshield.org/api/ 15 B
1 KB 317ms
316ms Fetch
text/json 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/api/count?json&r=0.7074233740787563&count=37ce17d9-5b5b-46a6-8c4f-44bced851b1c&width=1600

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/js/count.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
randomness: 20ded057c08cf1310
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 15
x-xss-protection: 1; mode=block
pragma: no-cache
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Wed, 12 Apr 2023 15:00:31 +0000
server: nginx
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same, SAMEORIGIN
content-type: text/json;charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=600
expires: Wed, 12 Apr 2023 15:20:31 +0000

GET
H2 200 loading.gif
www.dshield.org/images/ 25 KB
26 KB 359ms
358ms Image
image/gif 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dshield.org/images/loading.gif

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/css/screen.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

40bcf2f8f31b1027306cda154171b75e131c84cbec4d9c4bcd4de3b1a21175e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/css/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 25693
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:49 GMT
server: nginx
etag: "645d-5da69f0c801b1"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: image/gif
accept-ranges: bytes

GET
H2 200 poppins-regular.ttf
www.dshield.org/webfonts/ 16 KB
17 KB 272ms
271ms Font
application/font-sfnt 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/webfonts/poppins-regular.ttf

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/css/v3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

66807e8e108c648c970aeace0886706f8c95c616f036529a4b628525208f18e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dshield.org/css/v3.css
Origin: https://www.dshield.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 16148
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Fri, 08 Jul 2022 20:12:59 GMT
server: nginx
etag: "3f14-5e350d41e7a2f"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: application/font-sfnt
accept-ranges: bytes

GET
H2 200 open-sans-700.ttf
www.dshield.org/webfonts/ 31 KB
32 KB 370ms
369ms Font
application/font-sfnt 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/webfonts/open-sans-700.ttf

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/css/v3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

68151e32200f64f60f412bbc3ccde917a5fadb2f1a464cf7b3b77fd7675e6afc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dshield.org/css/v3.css
Origin: https://www.dshield.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 31420
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Fri, 08 Jul 2022 20:12:59 GMT
server: nginx
etag: "7abc-5e350d41e4768"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: application/font-sfnt
accept-ranges: bytes

GET
H2 200 open-sans-regular.ttf
www.dshield.org/webfonts/ 31 KB
32 KB 465ms
464ms Font
application/font-sfnt 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/webfonts/open-sans-regular.ttf

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/css/v3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

18b7e49a6696c5a278ac77eb98149048d0819df63ac265a2cf3abb26914d57c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dshield.org/css/v3.css
Origin: https://www.dshield.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 31380
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Fri, 08 Jul 2022 20:12:59 GMT
server: nginx
etag: "7a94-5e350d41e5ed7"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: application/font-sfnt
accept-ranges: bytes

GET
H2 200 clear-sans-medium.ttf
www.dshield.org/webfonts/ 306 KB
307 KB 1042ms
1041ms Font
application/font-sfnt 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/webfonts/clear-sans-medium.ttf

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/css/v3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

93677acbadea77e254b491589812f1e218a97adcd10a4957622b8c7a86e14181

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dshield.org/css/v3.css
Origin: https://www.dshield.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 313308
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Fri, 08 Jul 2022 20:12:59 GMT
server: nginx
etag: "4c7dc-5e350d41e10bb"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: application/font-sfnt
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10b325a392531c8e79d4ccaddebcd159fd21ceb66bbb05748a97f16bc4166fa5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 719 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc9ae7d497329a5eca73e21429b751949aad15855cd77d1b29f9224b0857eddf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 506 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b927ed2eff7fca9c6f9224dd8cda6ae9194dd66321cb09474b079fff8caeef60

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 socialIconsFoot.png
www.dshield.org/img/ 12 KB
13 KB 355ms
355ms Image
image/png 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dshield.org/img/socialIconsFoot.png

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/css/screen.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

69ac193c0e6bba260b1ba593b6fac804e10b530304c6c5cf4948d2320829e67f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/css/screen.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 12785
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Sat, 05 Nov 2022 02:07:38 GMT
server: nginx
etag: "31f1-5ecafa78d1a71"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: image/png
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 778 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f335fe583fdad5c70b6c71499a736ce7de3e5d40a496ef092cef2e0e331538e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 sp.min.js Show response
cdn.jsdelivr.net/npm/@snowplow/javascript-tracker@3.5.0/dist/ 73 KB
25 KB 153ms
20ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@snowplow/javascript-tracker@3.5.0/dist/sp.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T9DW3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76039a26bb3656600240ac08bc5f0ce450661977af129ab9c746ea4efe45a1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4257282
x-jsd-version: 3.5.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230095-FRA, cache-jnb7025-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"12364-F9/xW8QJROE2aN3C47q1tjOoX0s"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kis2r20Jl6Ed53IgU6sh6%2BvysZi%2FsknK0LzKL4cZZbLL7w0dC26VJSAIiRSbzDcFQb1OW8qHFODai2QEb9w9HsDIulmzKDce59dA2CjufGis%2FKW5BbMvG2swjJmE%2F1CYrKUTWo8GlfXxAVJ4K1c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7b6c65853aa2371c-FRA

GET
H2 200 api_diarypage_7_100000_handler_json.json Show response
www.dshield.org/ 70 KB
71 KB 329ms
328ms XHR
application/json 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/api_diarypage_7_100000_handler_json.json

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

d9d3a05abbd1cc933124e4cb0f27d9b458c6ee0e37b938679ebb9c24f0d5a788

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.dshield.org/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 72073
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Wed, 12 Apr 2023 15:04:12 GMT
server: nginx
etag: "11989-5f924ebb82f19"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: application/json
accept-ranges: bytes

GET
H2 200 api_podcastpage_7_80000_json.json Show response
www.dshield.org/ 8 KB
8 KB 276ms
276ms XHR
application/json 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/api_podcastpage_7_80000_json.json

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

f5e130e0d315c12157b6d5a301cea3e94694509fa7678bfd114bd92ddcde7adf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.dshield.org/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 7702
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Wed, 12 Apr 2023 15:04:12 GMT
server: nginx
etag: "1e16-5f924ebb529a4"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: application/json
accept-ranges: bytes

GET
H2 200 api_jobs_7_json.json Show response
www.dshield.org/ 236 KB
237 KB 276ms
275ms XHR
application/json 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/api_jobs_7_json.json

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

0f8a913552818cd2cd9edc9264649e7030d0a068e766198ac8d407c3a978e271

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.dshield.org/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 241198
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Wed, 12 Apr 2023 15:04:12 GMT
server: nginx
etag: "3ae2e-5f924ebb41462"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: application/json
accept-ranges: bytes

GET
H2 200 2023-04-12-ISC-diary-image-00.jpg
isc.sans.edu/diaryimages/images/ 108 KB
108 KB 989ms
984ms Image
image/jpeg 45.60.103.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/2023-04-12-ISC-diary-image-00.jpg

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.103.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

178afcd8e6b5990fce7719a8c2fb1c6a01b099df187fad481bd70b7dcdfa11df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-201339085-201308466 3CNN RT(1681312229693 1197) q(0 0 0 -1) r(6 6)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 110606
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 12 Apr 2023 05:52:35 GMT
server: nc -l -p 80
etag: "1d957-5f91d36fd1975"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=238, public
expires: Wed, 12 Apr 2023 15:14:29 GMT

GET
H2 200 2023-04-12-ISC-diary-image-01.jpg
isc.sans.edu/diaryimages/images/ 83 KB
84 KB 989ms
983ms Image
image/jpeg 45.60.103.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/2023-04-12-ISC-diary-image-01.jpg

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.103.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

ccd15debca39ac461cd91bebe3252b58f700f322fb15d276c1426defb067c537

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-201339085-201298923 3CNN RT(1681312229693 1199) q(0 0 0 -1) r(6 6)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 85445
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 12 Apr 2023 05:54:10 GMT
server: nc -l -p 80
etag: "17287-5f91d3caa0e77"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=256, public
expires: Wed, 12 Apr 2023 15:14:47 GMT

GET
H2 200 2023-04-12-ISC-diary-image-02.jpg
isc.sans.edu/diaryimages/images/ 58 KB
58 KB 174ms
169ms Image
image/jpeg 45.60.103.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/2023-04-12-ISC-diary-image-02.jpg

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.103.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

7ddfc3fe4d55401f2dae3867d53aacf8b788124a594d5aeeb6ddbf082564f462

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:30 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-201339085-201300009 2CNN RT(1681312229693 1200) q(0 0 0 -1) r(0 0)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 59438
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 12 Apr 2023 05:55:18 GMT
server: nc -l -p 80
etag: "102bc-5f91d40b47316"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=256, public
expires: Wed, 12 Apr 2023 15:14:46 GMT

GET
H2 200 2023-04-12-ISC-diary-image-03.jpg
isc.sans.edu/diaryimages/images/ 90 KB
91 KB 490ms
485ms Image
image/jpeg 45.60.103.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/2023-04-12-ISC-diary-image-03.jpg

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.103.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

a1c65ddc25b78de98e7dbb27912df6c9973094dc46eecd4f9e9c3f091255ca52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:30 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-201339085-201295465 2CNN RT(1681312229693 1204) q(0 0 0 -1) r(1 1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 92605
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 12 Apr 2023 05:56:37 GMT
server: nc -l -p 80
etag: "18a89-5f91d456a1b7c"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=256, public
expires: Wed, 12 Apr 2023 15:14:46 GMT

GET
H2 200 2023-04-12-ISC-diary-image-04.jpg
isc.sans.edu/diaryimages/images/ 84 KB
84 KB 990ms
985ms Image
image/jpeg 45.60.103.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/2023-04-12-ISC-diary-image-04.jpg

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.103.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

480054aaef35f3db5a5aa201a81fe997a0131ef14803f048d21825189b79d9af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-201339085-201269835 3CNN RT(1681312229693 1205) q(0 0 0 -1) r(7 7)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 86161
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 12 Apr 2023 05:58:01 GMT
server: nc -l -p 80
etag: "17b82-5f91d4a6715b5"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=275, public
expires: Wed, 12 Apr 2023 15:15:06 GMT

GET
H2 200 2023-04-12-ISC-diary-image-05.jpg
isc.sans.edu/diaryimages/images/ 68 KB
69 KB 991ms
986ms Image
image/jpeg 45.60.103.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/2023-04-12-ISC-diary-image-05.jpg

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.103.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

4a113faa8cb84b068fc9f0efc8c1020bffb5acb0e35322705d2c158bb1c5748a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-201339085-201295101 3CNN RT(1681312229693 1208) q(0 0 0 -1) r(6 6)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 70062
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 12 Apr 2023 05:59:05 GMT
server: nc -l -p 80
etag: "12958-5f91d4e409eae"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=276, public
expires: Wed, 12 Apr 2023 15:15:07 GMT

GET
H2 200 2023-04-12-ISC-diary-image-06.jpg
isc.sans.edu/diaryimages/images/ 105 KB
105 KB 991ms
986ms Image
image/jpeg 45.60.103.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/2023-04-12-ISC-diary-image-06.jpg

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.103.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

a42e361d2d556ecc2373aefe4df81592918763813f96b6a77a3c10f4d8d84fed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-201339085-201300009 3CNN RT(1681312229693 1217) q(0 1 1 -1) r(6 6)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 107195
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 12 Apr 2023 06:01:05 GMT
server: nc -l -p 80
etag: "1c0e0-5f91d55633012"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=275, public
expires: Wed, 12 Apr 2023 15:15:06 GMT

GET
H2 200 brad-duncan.jpg
www.dshield.org/images/design/custom/headshots/ 4 KB
5 KB 273ms
268ms Image
image/jpeg 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dshield.org/images/design/custom/headshots/brad-duncan.jpg

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

c9279f0a089e9d767d5b6df42bbfdc1354817b1a03fed49e62fdc4518d338e8e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 4012
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:46 GMT
server: nginx
etag: "fac-5da69f09e2abd"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 renato-marinho.jpg
www.dshield.org/images/design/custom/headshots/ 6 KB
7 KB 1280ms
1275ms Image
image/jpeg 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dshield.org/images/design/custom/headshots/renato-marinho.jpg

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

7b8a37e581e6f1008bb4a04dd045b1c4ab360074f98383a8757c96ca97c1dec9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:32 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 5830
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:47 GMT
server: nginx
etag: "16c6-5da69f0a03dfb"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 20230326-124021.png
isc.sans.edu/diaryimages/images/ 66 KB
66 KB 656ms
652ms Image
image/png 45.60.103.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20230326-124021.png

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.103.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

e0b4b35039bed316db12657f765785b56214ddd236366164599f0747514b3047

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:30 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-201339085-0 0CNN RT(1681312229693 1237) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 67152
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 12:23:15 GMT
server: nc -l -p 80
etag: "18dd6-5f7ccb0cb2c4a"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=47501, public
expires: Thu, 13 Apr 2023 04:22:11 GMT

GET
H2 200 20230326-144759.png
isc.sans.edu/diaryimages/images/ 26 KB
26 KB 822ms
818ms Image
image/png 45.60.103.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20230326-144759.png

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.103.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

f474fab365c16526a36b9922066cba09f6c5c6de870ce7717f1d93d4cb5e58dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:30 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-201339085-0 0CNN RT(1681312229693 1250) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 26681
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 12:42:48 GMT
server: nc -l -p 80
etag: "126df-5f7ccf6bc3f47"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=47501, public
expires: Thu, 13 Apr 2023 04:22:11 GMT

GET
H2 200 20230326-145009.png
isc.sans.edu/diaryimages/images/ 10 KB
10 KB 822ms
818ms Image
image/png 45.60.103.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20230326-145009.png

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.103.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

4c7851dcaff767778c54a104d2297ca1a4d9bc8828fd916bcfd4b34b9dccc012

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:30 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-201339085-0 0CNN RT(1681312229693 1255) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 10152
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 12:45:06 GMT
server: nc -l -p 80
etag: "560a-5f7ccfeeee500"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=47501, public
expires: Thu, 13 Apr 2023 04:22:11 GMT

GET
H2 200 20230326-145027.png
isc.sans.edu/diaryimages/images/ 26 KB
26 KB 823ms
819ms Image
image/png 45.60.103.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20230326-145027.png

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.103.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

0a0b1e38ec8ab78fd3a8372d061f778b0f1fd365c4c3305946b632851c4b03aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-201339085-0 0CNN RT(1681312229693 1355) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 26510
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 13:03:09 GMT
server: nc -l -p 80
etag: "e4d0-5f7cd3f86436d"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=47500, public
expires: Thu, 13 Apr 2023 04:22:11 GMT

GET
H2 200 20230326-151507.png
isc.sans.edu/diaryimages/images/ 39 KB
39 KB 824ms
820ms Image
image/png 45.60.103.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20230326-151507.png

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.103.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

51977124def371be28321cac6b286f9e801b5395ca68493cbece8b5fe70e5ffc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-201339085-0 0CNN RT(1681312229693 1356) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 39606
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 13:11:22 GMT
server: nc -l -p 80
etag: "ed62-5f7cd5ce4b1ff"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=47502, public
expires: Thu, 13 Apr 2023 04:22:13 GMT

GET
H2 200 20230326-152453.png
isc.sans.edu/diaryimages/images/ 14 KB
15 KB 825ms
821ms Image
image/png 45.60.103.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20230326-152453.png

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.103.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

b93bde2df0829f21311658574e7d980bbc523e77c2b14460a880b7951bc67fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-201339085-0 0CNN RT(1681312229693 1359) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 14760
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 26 Mar 2023 13:19:56 GMT
server: nc -l -p 80
etag: "517e-5f7cd7b853d8e"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=47501, public
expires: Thu, 13 Apr 2023 04:22:12 GMT

GET
H2 200 didier-stevens.jpg
www.dshield.org/images/design/custom/headshots/ 4 KB
5 KB 529ms
526ms Image
image/jpeg 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dshield.org/images/design/custom/headshots/didier-stevens.jpg

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

1f40e84bb8c3fe5aa328c1dbd48a6658c2fc3bcefd4e93de0d43814e970bd1bf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:32 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 4159
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:46 GMT
server: nginx
etag: "103f-5da69f09e55c0"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: same
content-type: image/jpeg
accept-ranges: bytes

GET
H2 200 20230409-095827.png
isc.sans.edu/diaryimages/images/ 3 KB
3 KB 825ms
822ms Image
image/png 45.60.103.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20230409-095827.png

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.103.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

b276e5540d5021cacef5bb2e813eb2d025574fdc8f8c50f34393847865990993

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-201339085-0 0CNN RT(1681312229693 1361) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 2637
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 09 Apr 2023 08:40:42 GMT
server: nc -l -p 80
etag: "11ac-5f8e336b7769e"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=701, public
expires: Wed, 12 Apr 2023 15:22:12 GMT

GET
H2 200 20230409-100507.png
isc.sans.edu/diaryimages/images/ 5 KB
5 KB 825ms
822ms Image
image/png 45.60.103.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20230409-100507.png

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.103.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

0ffe070ef7cee7e0e762dbd749b0e3fb0c10c787051630f0cffb5a41fa646f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-201339085-0 0CNN RT(1681312229693 1364) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 4911
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 09 Apr 2023 08:42:15 GMT
server: nc -l -p 80
etag: "2e7a-5f8e33c41ad21"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=702, public
expires: Wed, 12 Apr 2023 15:22:13 GMT

GET
H2 200 20230409-100608.png
isc.sans.edu/diaryimages/images/ 19 KB
19 KB 826ms
823ms Image
image/png 45.60.103.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20230409-100608.png

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.103.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

bdc3797129f2059cb8dee7fa79f54c98596b79ff0c8c74ef8dd110bdf2e699c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-201339085-0 0CNN RT(1681312229693 1365) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 19278
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 09 Apr 2023 08:42:43 GMT
server: nc -l -p 80
etag: "63d6-5f8e33de3b4af"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=702, public
expires: Wed, 12 Apr 2023 15:22:13 GMT

GET
H2 200 20230409-100638.png
isc.sans.edu/diaryimages/images/ 26 KB
27 KB 826ms
823ms Image
image/png 45.60.103.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20230409-100638.png

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.103.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

96822ecd208c35e678bda8ede0413abf45cc48a5b08a93653c359d5a0a5dc68f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-201339085-0 0CNN RT(1681312229693 1366) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 27080
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 09 Apr 2023 08:43:16 GMT
server: nc -l -p 80
etag: "8b0b-5f8e33fe0bd22"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=701, public
expires: Wed, 12 Apr 2023 15:22:12 GMT

GET
H2 200 20230409-100654.png
isc.sans.edu/diaryimages/images/ 15 KB
15 KB 984ms
981ms Image
image/png 45.60.103.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20230409-100654.png

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.103.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

c329c8d39cfb9558f8cdb593b595e50a4e0dca5dc9dba87422e15a0c71a9df1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-201339085-0 0CNN RT(1681312229693 1367) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 15232
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 09 Apr 2023 08:43:56 GMT
server: nc -l -p 80
etag: "4b65-5f8e342493995"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=702, public
expires: Wed, 12 Apr 2023 15:22:13 GMT

GET
H2 200 20230409-101533.png
isc.sans.edu/diaryimages/images/ 29 KB
29 KB 984ms
982ms Image
image/png 45.60.103.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20230409-101533.png

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.103.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

22dd9227c65e29e2a8ea0694f0cad98d40196de243f73feccb94a304bcce04dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 15:10:31 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 4-201339085-0 0CNN RT(1681312229693 1368) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 29591
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 09 Apr 2023 08:45:06 GMT
server: nc -l -p 80
etag: "97e1-5f8e346750cc4"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=701, public
expires: Wed, 12 Apr 2023 15:22:12 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sans.edu/	1970-01-20 19:46:56	Name: visid_incap_2188750 Value: Urh/2CjwRyuwb9udE1W8QeXJNmQAAAAAQUIPAAAAAADxCRyZD3wjXRg6GpnD7NgF
.sans.edu/	1969-12-31 23:59:59	Name: incap_ses_673_2188750 Value: /WWANL1TVzArawVv6PpWCeXJNmQAAAAAnm6Rxh2y/ZIJ0kZI9VQdnA==
www.dshield.org/	1970-01-20 19:47:28	Name: count Value: 37ce17d9-5b5b-46a6-8c4f-44bced851b1c
www.dshield.org/	1969-12-31 23:59:59	Name: __Secure-dshield Value: lektq2aehc96dk412c7kbvaek0
www.dshield.org/	1969-12-31 23:59:59	Name: sessionhash Value: 27b883a2556709dda65d9b83d5b322235f62c7e64a8e3169238bc94e853f5e96
.dshield.org/	1970-01-20 11:01:54	Name: spses.8ee6 Value: *
.dshield.org/	1970-01-20 20:37:52	Name: spid.8ee6 Value: 3dc2dff5-23a0-466b-a1e3-66c29a9c442f.1681312231.1.1681312231..074aa822-d831-4466-a5b3-cbdd047381e6....0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.jsdelivr.net https://isc.sans.edu https://challenges.cloudflare.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src https://challenges.cloudflare.com 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu https://www.dshield.org;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
isc.sans.edu
www.dshield.org
www.googletagmanager.com
159.223.154.178
2606:4700::6810:5514
2a00:1450:4001:810::2008
45.60.103.34
0a0b1e38ec8ab78fd3a8372d061f778b0f1fd365c4c3305946b632851c4b03aa
0f8a913552818cd2cd9edc9264649e7030d0a068e766198ac8d407c3a978e271
0ffe070ef7cee7e0e762dbd749b0e3fb0c10c787051630f0cffb5a41fa646f6e
10b325a392531c8e79d4ccaddebcd159fd21ceb66bbb05748a97f16bc4166fa5
178afcd8e6b5990fce7719a8c2fb1c6a01b099df187fad481bd70b7dcdfa11df
18b7e49a6696c5a278ac77eb98149048d0819df63ac265a2cf3abb26914d57c3
1f40e84bb8c3fe5aa328c1dbd48a6658c2fc3bcefd4e93de0d43814e970bd1bf
22dd9227c65e29e2a8ea0694f0cad98d40196de243f73feccb94a304bcce04dc
23326310dbdd4beeb0b8ef0180b730d3e83e89a2cd00bb1119537a10f2b4a59f
2d877bee53288d7332ca67d58ec7221ac15b9e535531102865a7b7303c1f876b
3bb562814d366095a71523f38db3237ad925371b177599721ffeb923f867098a
40bcf2f8f31b1027306cda154171b75e131c84cbec4d9c4bcd4de3b1a21175e1
480054aaef35f3db5a5aa201a81fe997a0131ef14803f048d21825189b79d9af
4a113faa8cb84b068fc9f0efc8c1020bffb5acb0e35322705d2c158bb1c5748a
4c7851dcaff767778c54a104d2297ca1a4d9bc8828fd916bcfd4b34b9dccc012
51977124def371be28321cac6b286f9e801b5395ca68493cbece8b5fe70e5ffc
522ace4616664c6f58c32821e9a0efd24dc2fdba0776727733cabc005773cff2
5f335fe583fdad5c70b6c71499a736ce7de3e5d40a496ef092cef2e0e331538e
66807e8e108c648c970aeace0886706f8c95c616f036529a4b628525208f18e8
68151e32200f64f60f412bbc3ccde917a5fadb2f1a464cf7b3b77fd7675e6afc
69ac193c0e6bba260b1ba593b6fac804e10b530304c6c5cf4948d2320829e67f
747eae63a811c625dd72dc301ab38ba2c6f0e75d2ebb4153e6acba9c7d4d04f0
76039a26bb3656600240ac08bc5f0ce450661977af129ab9c746ea4efe45a1a0
7b8a37e581e6f1008bb4a04dd045b1c4ab360074f98383a8757c96ca97c1dec9
7ddfc3fe4d55401f2dae3867d53aacf8b788124a594d5aeeb6ddbf082564f462
80bab0fce06cce9b0d11d8d7c5762706523db4da59642f4722b0811a09da41b8
883fc965030cbe4773ce84d1280c1672f55d09990049f749e393280d8924345d
8bef3fd6e85e429b19bdee05e47e8eb79bd0e3881bed4284e9e2952f9f6dd9c0
93677acbadea77e254b491589812f1e218a97adcd10a4957622b8c7a86e14181
96822ecd208c35e678bda8ede0413abf45cc48a5b08a93653c359d5a0a5dc68f
96d80f3fbc043082eb268f55be1102d3370a2c31452a55b8cc1cf0b7f61a5dcd
a1c65ddc25b78de98e7dbb27912df6c9973094dc46eecd4f9e9c3f091255ca52
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a42e361d2d556ecc2373aefe4df81592918763813f96b6a77a3c10f4d8d84fed
a65ef52517712c309172a4bf1d2e2f0a2664728ce9521ba605dcb1d5a001f743
abb60753f5c30c99820f4bbef2e96f2789e20b8a63f39b1b9975185d8e02d627
b052ca028ace897abaebae2c63026a09d4de1896014b595d29d9381053964929
b2533a8e832118cdbd21009a2f6d50f09f682f632de04ec1a314f3a4e1a3ec47
b276e5540d5021cacef5bb2e813eb2d025574fdc8f8c50f34393847865990993
b4409265e6df24a061d02a39dd9f38d29b53cd4c61df793ad288f8cf291c8b88
b5ac7ec5bde333441b767cc685f5e6084f9ba37ecc12f33d2af801a6fa5afc5b
b927ed2eff7fca9c6f9224dd8cda6ae9194dd66321cb09474b079fff8caeef60
b93bde2df0829f21311658574e7d980bbc523e77c2b14460a880b7951bc67fb5
bac5cd118f92103c6e00c57a3f363e613d8c2af85ba07abe50d9aeb993bc2c09
bdc3797129f2059cb8dee7fa79f54c98596b79ff0c8c74ef8dd110bdf2e699c7
c1899f311a78162fb68fac938bb683ed222024a6e426f2a12d059e53dfb07578
c329c8d39cfb9558f8cdb593b595e50a4e0dca5dc9dba87422e15a0c71a9df1d
c9279f0a089e9d767d5b6df42bbfdc1354817b1a03fed49e62fdc4518d338e8e
cc9ae7d497329a5eca73e21429b751949aad15855cd77d1b29f9224b0857eddf
ccd15debca39ac461cd91bebe3252b58f700f322fb15d276c1426defb067c537
d9d3a05abbd1cc933124e4cb0f27d9b458c6ee0e37b938679ebb9c24f0d5a788
e0b4b35039bed316db12657f765785b56214ddd236366164599f0747514b3047
e822f0984efb293dbe344fe6134c9a295a10a3fa2ecbc1695594180bdd719e9f
e9f8f792799d9a436a74a689dfcbe0f6c8d21ac773d329d26bcbc116c039125e
f474fab365c16526a36b9922066cba09f6c5c6de870ce7717f1d93d4cb5e58dc
f5e130e0d315c12157b6d5a301cea3e94694509fa7678bfd114bd92ddcde7adf
f8e97c36779891ad251153beefb65310c9610d128bd05cb464865a248607ee1c

www.dshield.org Open in urlscan Pro 159.223.154.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

5 IPs

2 Countries

2265 kBTransfer

2522 kBSize

7 Cookies

35 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.dshield.org Open in urlscan Pro
159.223.154.178 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

2265 kB
Transfer

2522 kB
Size

7
Cookies

53 HTTP transactions
4 data transactions