digital-forensics.sans.org Open in urlscan Pro
45.60.33.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.email.sans.org/?qs=abd59e6b8af5bb1a378ea1d59ec356b6b3d3096b01f538b65c88d4a57da432307a5ae33c021eeba9a082f6904ac2...
Effective URL:
https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free...
Submission Tags: falconsandbox
Submission: On November 14 via api (November 14th 2020, 2:45:23 am UTC) from US

Summary HTTP 62 Redirects Links 58 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 62 HTTP transactions. The main IP is 45.60.33.34, located in United States and belongs to INCAPSULA, US. The main domain is digital-forensics.sans.org.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2020 on September 16th 2020. Valid for: 6 months.

This is the only time digital-forensics.sans.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	136.147.189.155 136.147.189.155	22606 (EXACT-7) (EXACT-7)
49	45.60.33.34 45.60.33.34	19551 (INCAPSULA) (INCAPSULA)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:e6:... 2606:4700:e6::ac40:cb1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.166.11.26 52.166.11.26	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c03::9b	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
62	9

1 136.147.189.155 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.email.sans.org

click.email.sans.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 45.60.33.34 (United States)

ASN19551 (INCAPSULA, US)

digital-forensics.sans.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e6::ac40:cb1c (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.166.11.26 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

addsearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	sans.org 1 redirects click.email.sans.org digital-forensics.sans.org	501 KB
5	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	173 KB
3	youtube.com www.youtube.com	970 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net	17 KB
2	addsearch.com addsearch.com	15 KB
1	ytimg.com s.ytimg.com	36 KB
1	google.de www.google.de	107 B
1	google.com 1 redirects www.google.com	175 B
62	8

	Domain	Requested by
49	digital-forensics.sans.org	digital-forensics.sans.org
4	ka-f.fontawesome.com	kit.fontawesome.com digital-forensics.sans.org
3	www.youtube.com	digital-forensics.sans.org
2	stats.g.doubleclick.net	1 redirects digital-forensics.sans.org
2	addsearch.com	digital-forensics.sans.org
1	s.ytimg.com	www.youtube.com
1	www.google.de	digital-forensics.sans.org
1	www.google.com	1 redirects
1	kit.fontawesome.com	digital-forensics.sans.org
1	click.email.sans.org	1 redirects
62	10

This site contains links to these domains. Also see Links.

Domain
www.sans.org
www.giac.org
isc.sans.edu
www.sans.edu
cyber-defense.sans.org
pen-testing.sans.org
ics.sans.org
f001.backblazeb2.com
learn.duffandphelps.com
www.microsoft.com
twitter.com
www.linkedin.com
www.facebook.com
www.addsearch.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2020	`2020-09-16` - `2021-03-17`	6 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-13` - `2021-10-12`	a year	crt.sh
*.addsearch.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-08-05` - `2021-09-03`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
Frame ID: B95325DCB282E4E258D9C4B135834DE5
Requests: 60 HTTP requests in this frame

Frame: https://www.youtube.com/embed/yEmLuj3oDzs
Frame ID: 5AF305EBC750007CACE331A2C5923111
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/GhCZfCzn2l0?enablejsapi=1&rel=0
Frame ID: BA19CFE1AA31E2B29EBD3CCF01D3C2E1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://click.email.sans.org/?qs=abd59e6b8af5bb1a378ea1d59ec356b6b3d3096b01f538b65c88d4a57da432307a5ae33c... HTTP 302
https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&u... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

Page Statistics

62
Requests

100 %
HTTPS

73 %
IPv6

8
Domains

10
Subdomains

9
IPs

4
Countries

743 kB
Transfer

1590 kB
Size

15
Cookies

58 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sans.org/?msc=logo-drop-down
Title: Security Training

Search URL Search Domain Scan URL

URL: https://www.giac.org/?msc=logo-drop-down
Title: Security Certification

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/?msc=logo-drop-down
Title: Internet Storm Center

Search URL Search Domain Scan URL

URL: https://www.sans.edu/?msc=logo-drop-down
Title: College Cybersecurity Programs

Search URL Search Domain Scan URL

URL: https://www.sans.org/security-awareness-training?msc=logo-drop-down
Title: Security Awareness Training

Search URL Search Domain Scan URL

URL: https://cyber-defense.sans.org/?msc=logo-drop-down
Title: Cyber Defense

Search URL Search Domain Scan URL

URL: https://pen-testing.sans.org/?msc=logo-drop-down
Title: Offensive Operations

Search URL Search Domain Scan URL

URL: https://ics.sans.org/?msc=logo-drop-down
Title: Industrial Control Systems

Search URL Search Domain Scan URL

URL: https://www.sans.org/cloud-security?msc=logo-drop-down
Title: Cloud Security

Search URL Search Domain Scan URL

URL: https://www.sans.org/sic?msc=logo-drop-down
Title: Government Private Training

Search URL Search Domain Scan URL

URL: https://www.sans.org/blog/?focus-area=digital-forensics
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.sans.org/webcasts/archive/2019
Title: Webcasts

Search URL Search Domain Scan URL

URL: https://www.sans.org/cyber-security-courses/?focus-area=digital-forensics
Title: Courses

Search URL Search Domain Scan URL

URL: https://www.sans.org/netwars/dfir-tournament
Title: DFIR NetWars

Search URL Search Domain Scan URL

URL: https://www.sans.org/netwars/dfir-continuous
Title: DFIR Netwars Continuous

Search URL Search Domain Scan URL

URL: https://www.giac.org/
Title: GIAC Homepage

Search URL Search Domain Scan URL

URL: https://www.sans.org/profiles/instructors/?focus-area=digital-forensics
Title: Instructors

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/AmcacheParser.zip
Title: 1.4.0.0

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/AppCompatCacheParser.zip
Title: 1.4.4.0

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/bstrings.zip
Title: 1.5.1.0

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/EZViewer.zip
Title: 1.0.0.0

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/EvtxExplorer.zip
Title: 0.6.0.2

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/hasher.zip
Title: 1.9.3.0

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/JLECmd.zip
Title: 1.4.0.0

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/JumpListExplorer.zip
Title: 1.4.0.0

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/LECmd.zip
Title: 1.4.0.0

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/MFTECmd.zip
Title: 0.5.0.0

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/MFTExplorer.zip
Title: 0.5.1.0

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/PECmd.zip
Title: 1.4.0.0

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/RBCmd.zip
Title: 0.5.0.0

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/RecentFileCacheParser.zip
Title: 1.0.0.0

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/RegistryExplorer_RECmd.zip
Title: 1.5.2.0

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/SDBExplorer.zip
Title: 1.0.0.0

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/ShellBagsExplorer.zip
Title: 1.4.0.0

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/SQLECmd.zip
Title: 0.5.0.0

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/TimelineExplorer.zip
Title: 1.1.2.0

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/VSCMount.zip
Title: 1.0.0.0

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/WxTCmd.zip
Title: 0.5.0.0

Search URL Search Domain Scan URL

URL: https://learn.duffandphelps.com/kape?utm_campaign=2019_cyberitbn-KAPE-launch&utm_source=kroll&utm_medium=referral&utm_term=kape-gui-blogpost
Title: NA

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/iisGeolocate.zip
Title: 1.5.0.0

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/TimeApp.zip
Title: NA

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/XWFIM.zip
Title: NA

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/Get-ZimmermanTools.zip
Title: NA

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/nlog.config
Title: NA

Search URL Search Domain Scan URL

URL: https://f001.backblazeb2.com/file/EricZimmermanTools/ChangeLog.txt
Title: NA

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/download/details.aspx?id=48137
Title: Microsoft .net 4.6

Search URL Search Domain Scan URL

URL: https://twitter.com/EricRZimmerman
Title: @EricRZimmerman

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/eric-zimmerman-6965b22/
Title: /eric-zimmerman-6965b22

Search URL Search Domain Scan URL

URL: https://www.sans.org/course/advanced-incident-response-threat-hunting-training
Title: FOR508: Advanced Digital Forensics, Incident Response and Threat Hunting

Search URL Search Domain Scan URL

URL: https://www.sans.org/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.giac.org/about/policies/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.sans.org/blog/?&focus-area=digital-forensics
Title: Learn More

Search URL Search Domain Scan URL

URL: https://twitter.com/sansforensics/statuses/1327405960802021376
Title: . @hexacorn Blog: Where all the Cyber Tooth Fairies go? http [...]

Search URL Search Domain Scan URL

URL: https://twitter.com/sansforensics/statuses/1327341015917858818
Title: Today's #3MinMax with @kevinripa is out! Listen now! Epis [...]

Search URL Search Domain Scan URL

URL: https://twitter.com/sansforensics/statuses/1327331672807927809
Title: In this #THIRSummit Joe Petroske demonstrates effective tech [...]

Search URL Search Domain Scan URL

URL: https://twitter.com/sansforensics

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/SANS-Institute/173623382673767

Search URL Search Domain Scan URL

URL: http://www.addsearch.com/?utm_source=customer&utm_medium=referer&utm_campaign=customer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.email.sans.org/?qs=abd59e6b8af5bb1a378ea1d59ec356b6b3d3096b01f538b65c88d4a57da432307a5ae33c021eeba9a082f6904ac27b915ec5237c7bb88caa HTTP 302
https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1744085172&utmhn=digital-forensics.sans.org&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=EZ%20Tools%20%7C%20Digital%20Forensics%20Tools%20from%20SANS&utmhid=1135254623&utmr=-&utmp=%2Fcommunity%2Fdownloads%2Fdigital-forensics-tools%3Futm_medium%3DEmail%26utm_source%3DHL%26utm_content%3DSANS%2BFree%2BResources%2BEZTools%26utm_campaign%3DSANS%2BResources&utmht=1605321907378&utmac=UA-25324117-2&utmcc=__utma%3D71453702.17013982.1605321907.1605321907.1605321907.1%3B%2B__utmz%3D71453702.1605321907.1.1.utmcsr%3DHL%7Cutmccn%3DSANS%2520Resources%7Cutmcmd%3DEmail%7Cutmcct%3DSANS%2520Free%2520Resources%2520EZTools%3B&utmjid=2127053437&utmredir=3&utmu=qjAAAAAAAAAAAAAAAAAAAQAE~ HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25324117-2&cid=17013982.1605321907&jid=2127053437&_v=5.7.2dc&z=1744085172 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25324117-2&cid=17013982.1605321907&jid=2127053437&_v=5.7.2dc&z=1744085172&slf_rd=1&random=1817251398

62 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request digital-forensics-tools Show response
digital-forensics.sans.org/community/downloads/
Redirect Chain

https://click.email.sans.org/?qs=abd59e6b8af5bb1a378ea1d59ec356b6b3d3096b01f538b65c88d4a57da432307a5ae33c021eeba9a082f6904ac27b915ec5237c7bb88caa
https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources

38 KB
12 KB

712ms
665ms

Document
text/html

45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4b117b4866b69f4e913ca47941631aa684f141648070df70f76ad0a62269f2bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556926; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: digital-forensics.sans.org
:scheme: https
:path: /community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 14 Nov 2020 02:45:06 GMT
content-type: text/html; charset=ISO-8859-1
set-cookie: AWSALB=/gZEQ6Q0NAeWSovyItUI54JPxK92Epa8pTxN+CE6o3vU4VJxF7dRklolPvh9ImxFaiMRIN6ffGoeCUeCDQruezDs+AmISa0krmUzYUXenQtmpXVKhqUKc2CuiSdx; Expires=Sat, 21 Nov 2020 02:45:06 GMT; Path=/ AWSALBCORS=/gZEQ6Q0NAeWSovyItUI54JPxK92Epa8pTxN+CE6o3vU4VJxF7dRklolPvh9ImxFaiMRIN6ffGoeCUeCDQruezDs+AmISa0krmUzYUXenQtmpXVKhqUKc2CuiSdx; Expires=Sat, 21 Nov 2020 02:45:06 GMT; Path=/; SameSite=None; Secure sans=5ieukhek1hor57s6kpebgjuoe6; path=/; domain=digital-forensics.sans.org; secure; HttpOnly sans_awa=eyJyZWZlcnJlcl91cmwiOiJkaXJlY3QiLCJ1dG1fY2FtcGFpZ24iOiJTQU5TIFJlc291cmNlcyIsInV0bV9zb3VyY2UiOiJITCIsInV0bV9jb250ZW50IjoiU0FOUyBGcmVlIFJlc291cmNlcyBFWlRvb2xzIiwidXRtX21lZGl1bSI6IkVtYWlsIn0%3D; expires=Sun, 15-Nov-2020 02:45:06 GMT; Max-Age=86400; path=/; domain=.sans.org; secure; httponly no-edge=1; path=/; domain=digital-forensics.sans.org; secure; httponly visid_incap_1819929=VFdEboJATtegdZlgEcF0wbFEr18AAAAAQUIPAAAAAAD8tnPdtDEoqoCffth/ruks; expires=Sat, 13 Nov 2021 08:27:04 GMT; HttpOnly; path=/; Domain=.sans.org; Secure; SameSite=None nlbi_1819929=AqqyRVqbswWkSjLOLyVZfwAAAAB82/BCe1wlSZmoSkWwmrWD; path=/; Domain=.sans.org; Secure; SameSite=None incap_ses_697_1819929=iDYAIjWPNRSlCLEy/T2sCbFEr18AAAAAVnNQMJ2qXzn2uxvJQNB4yg==; path=/; Domain=.sans.org; Secure; SameSite=None
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
x-level: live
x-cdn: Incapsula
strict-transport-security: max-age=31556926; includeSubdomains
expect-ct: max-age=84600; enforce
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-iinfo: 6-10050043-10050044 NNNN CT(107 221 0) RT(1605321905333 0) q(0 0 3 1) r(6 6) U2

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
Date: Sat, 14 Nov 2020 02:45:05 GMT
Connection: close
Content-Length: 306

GET
H2 200 styles.css
digital-forensics.sans.org/css2/common/ 215 KB
31 KB 27ms
24ms Stylesheet
text/css 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/css2/common/styles.css

Requested by

Host: digital-forensics.sans.org
URL: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a5f66b4a7b85563b0bed83305c3f678b2d788630af52b20bcf3a40c3cc62fbb1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050047-10048002 2CNN RT(1605321906006 0) q(0 0 0 -1) r(0 0)
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 31351
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Nov 2020 23:22:24 GMT
x-frame-options: SAMEORIGIN
etag: "35aea-5b3f12f344c00-gzip"
expect-ct: max-age=84600; enforce
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 site_selector.css
digital-forensics.sans.org/css2/common/ 4 KB
1 KB 28ms
25ms Stylesheet
text/css 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/css2/common/site_selector.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ecb80ede12c39d40bb699e63448e9d2dc2beff0a0ff6c47d73adf43e07b403eb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050048-10049520 2CNN RT(1605321906009 0) q(0 0 0 -1) r(0 0)
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1123
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Nov 2020 23:22:24 GMT
x-frame-options: SAMEORIGIN
etag: "105f-5b3f12f344c00-gzip"
expect-ct: max-age=84600; enforce
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 slider_hack.css
digital-forensics.sans.org/css2/common/ 4 KB
1 KB 30ms
27ms Stylesheet
text/css 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/css2/common/slider_hack.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

15cee062c824ff37555475cf9a65d1e051985171ed2dbd0d6dde83b972266429

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050049-10049543 2CNN RT(1605321906010 0) q(0 0 0 -1) r(0 0)
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1224
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Nov 2020 23:22:24 GMT
x-frame-options: SAMEORIGIN
etag: "1153-5b3f12f344c00-gzip"
expect-ct: max-age=84600; enforce
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 styles_hack.css
digital-forensics.sans.org/css2/common/slider/ 5 KB
1 KB 30ms
28ms Stylesheet
text/css 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/css2/common/slider/styles_hack.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

792008e5b473721bda679bb0996576d499f06f87affe10d3a1dae5b62c25919d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050050-10049518 2CNN RT(1605321906012 0) q(0 0 0 -1) r(0 0)
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1375
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Nov 2020 23:22:24 GMT
x-frame-options: SAMEORIGIN
etag: "1344-5b3f12f344c00-gzip"
expect-ct: max-age=84600; enforce
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 forensics.css
digital-forensics.sans.org/css2/common/sites/ 9 KB
2 KB 31ms
29ms Stylesheet
text/css 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/css2/common/sites/forensics.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8b6686b581339322543d8bbbf5c97c1a073b72c43dfa165897cbd74081933fe8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050051-10047711 2CNN RT(1605321906013 0) q(0 0 0 -1) r(0 0)
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2058
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Nov 2020 23:22:24 GMT
x-frame-options: SAMEORIGIN
etag: "2513-5b3f12f344c00-gzip"
expect-ct: max-age=84600; enforce
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 gdpr-form-fields.css
digital-forensics.sans.org/css2/common/ 2 KB
1 KB 469ms
467ms Stylesheet
text/css 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/css2/common/gdpr-form-fields.css?v=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3fc70ef8ae9e69f4b82cecf14ce9dd07263d875e90ce2de557adde033ca9f95e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556926; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050052-10049520 2NNN RT(1605321906014 0) q(0 0 0 -1) r(4 4)
strict-transport-security: max-age=31556926; includeSubdomains
content-length: 632
x-xss-protection: 1; mode=block
x-level: live
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 13 Nov 2020 22:23:21 GMT
x-frame-options: SAMEORIGIN
etag: "64c-5b40479ddc840-gzip"
expect-ct: max-age=84600; enforce
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400, public
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes

GET
H2 200 bootstrap-modal.min.css
digital-forensics.sans.org/css2/common/ 5 KB
2 KB 502ms
500ms Stylesheet
text/css 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/css2/common/bootstrap-modal.min.css?v=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f8e97c36779891ad251153beefb65310c9610d128bd05cb464865a248607ee1c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556926; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050053-10049543 2NNN RT(1605321906015 0) q(0 0 0 -1) r(4 4)
strict-transport-security: max-age=31556926; includeSubdomains
content-length: 1535
x-xss-protection: 1; mode=block
x-level: live
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 13 Nov 2020 22:23:21 GMT
x-frame-options: SAMEORIGIN
etag: "1329-5b40479ddc840-gzip"
expect-ct: max-age=84600; enforce
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400, public
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes

GET
H2 200 jquery.min.js Show response
digital-forensics.sans.org/scripts/libs/ 94 KB
33 KB 35ms
33ms Script
application/javascript 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/scripts/libs/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0d6271f6c1c509d78ee10f14174542be0db49486fe7c23201c1b517a063f578e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050054-10047013 2CNN RT(1605321906016 0) q(0 0 0 -1) r(0 0)
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 33213
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Nov 2020 23:22:24 GMT
x-frame-options: SAMEORIGIN
etag: "176d5-5b3f12f344c00-gzip"
expect-ct: max-age=84600; enforce
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 jquery-ui.min.js Show response
digital-forensics.sans.org/scripts/libs/ 222 KB
59 KB 34ms
32ms Script
application/javascript 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/scripts/libs/jquery-ui.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d13dda66728e0602194ae8bc790433e54d79478099012c3d1cf8bd4bc96314a4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050055-10047711 2CNN RT(1605321906018 0) q(0 0 0 -1) r(0 0)
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 60255
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Nov 2020 23:22:24 GMT
x-frame-options: SAMEORIGIN
etag: "37cb6-5b3f12f344c00-gzip"
expect-ct: max-age=84600; enforce
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 4e8a304c49.js Show response
kit.fontawesome.com/ 10 KB
4 KB 54ms
38ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/4e8a304c49.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d5c653d4c83c7f99ad509a99524ac200722c9fc5d06cab55e572d4555d02add

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://digital-forensics.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
content-encoding: gzip
vary: origin, accept-encoding
cf-cache-status: MISS
status: 200
strict-transport-security: max-age=31536000; preload
cf-request-id: 06663d7188000006258b347000000001
x-request-id: Fkc_xMjhFhgbaHVRQohh
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, private, must-revalidate
cf-ray: 5f1d64fc0d950625-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 eztools.js Show response
digital-forensics.sans.org/scripts/sites/dfir/ 817 B
756 B 526ms
524ms Script
application/javascript 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/scripts/sites/dfir/eztools.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

acacf7aa53cbcf93e5d82584233bb6c3be07898bfccb2a8384f0edd83e381fd1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556926; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050056-10050057 2NNN RT(1605321906019 0) q(0 0 0 -1) r(0 5) U18
strict-transport-security: max-age=31556926; includeSubdomains
content-length: 305
x-xss-protection: 1; mode=block
x-level: live
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 13 Nov 2020 22:23:22 GMT
x-frame-options: SAMEORIGIN
etag: "331-5b40479ed0a80-gzip"
expect-ct: max-age=84600; enforce
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes

GET
H2 200 gdpr-common.js Show response
digital-forensics.sans.org/scripts/sites/sans/account/ 7 KB
2 KB 510ms
509ms Script
application/javascript 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/scripts/sites/sans/account/gdpr-common.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bd7b398090fc36d37202f7cc1f61272698dfb97f611509e21061905840aacef5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556926; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050058-10048002 2NNN RT(1605321906024 0) q(0 0 0 -1) r(4 4)
strict-transport-security: max-age=31556926; includeSubdomains
content-length: 1879
x-xss-protection: 1; mode=block
x-level: live
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 13 Nov 2020 22:23:22 GMT
x-frame-options: SAMEORIGIN
etag: "1a73-5b40479ed0a80-gzip"
expect-ct: max-age=84600; enforce
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes

GET
H2 200 logo.png
digital-forensics.sans.org/images/design-site/ 6 KB
6 KB 22ms
18ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/design-site/logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

421b0c430fd63e35e1d0c6c5e4918918f94d2f06a28c3790edf87689c46ab86b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050062-10049520 2CNN RT(1605321906570 0) q(0 0 0 -1) r(0 0)
content-length: 6416
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Nov 2020 23:22:24 GMT
x-frame-options: SAMEORIGIN
etag: "1e18-5b3f12f344c00"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 forensics.png
digital-forensics.sans.org/images/design/custom/site-selector/site-icons/ 2 KB
2 KB 27ms
22ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/design/custom/site-selector/site-icons/forensics.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ae36a366c894c9e1543420a9183a1a0067d942804fc71b617eb00101de93a931

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
x-content-type-options: nosniff, nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050063-10050057 2CNN RT(1605321906574 0) q(0 0 0 -1) r(0 0)
content-length: 1705
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 May 2020 16:39:59 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "6a9-5a6f4543bf7a9"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 sans.png
digital-forensics.sans.org/images/design/custom/site-selector/site-icons/ 519 B
628 B 27ms
22ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/design/custom/site-selector/site-icons/sans.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a7705c77a9c0abd3d955498bdcf759a45abc08dd186e3356a63317cb0fb3a179

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
x-content-type-options: nosniff, nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050064-10048002 2CNN RT(1605321906575 0) q(0 0 0 -1) r(0 0)
content-length: 519
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 May 2020 16:39:59 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "840-5a6f4543bf846"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 giac.png
digital-forensics.sans.org/images/design/custom/site-selector/site-icons/ 461 B
612 B 28ms
23ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/design/custom/site-selector/site-icons/giac.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ff7cd83b6ba83a8477cc9e33a1a96368c279494c0e0a56c0e2cafd24e79cca78

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
x-content-type-options: nosniff, nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050065-10049520 2CNN RT(1605321906576 0) q(0 0 0 -1) r(0 0)
content-length: 461
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 May 2020 16:39:59 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "37e-5a6f4543bf828"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=29248, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:34 GMT

GET
H2 200 isc.png
digital-forensics.sans.org/images/design/custom/site-selector/site-icons/ 2 KB
2 KB 28ms
24ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/design/custom/site-selector/site-icons/isc.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b341da27af0df3b1a684241bf1435aba85361e7bc7aa7c1e5a8882bfa3e459a9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
x-content-type-options: nosniff, nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050066-10049543 2CNN RT(1605321906577 0) q(0 0 0 -1) r(0 0)
content-length: 1792
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 May 2020 16:39:59 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "748-5a6f4543bf837"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 sti.png
digital-forensics.sans.org/images/design/custom/site-selector/site-icons/ 2 KB
2 KB 29ms
25ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/design/custom/site-selector/site-icons/sti.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

08437a64c380db83be2d703c3077615332a21a4d563ddddfa5f68aac03de20b4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
x-content-type-options: nosniff, nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050067-10048002 2CNN RT(1605321906578 0) q(0 0 0 -1) r(0 0)
content-length: 1751
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 May 2020 16:39:59 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "c71-5a6f4543bf7ae"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 awareness.png
digital-forensics.sans.org/images/design/custom/site-selector/site-icons/ 2 KB
2 KB 30ms
26ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/design/custom/site-selector/site-icons/awareness.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

73ee4eef63ce261015f3c896e229a478865e56769ebaa1ed897c0522b50ba10e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
x-content-type-options: nosniff, nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050068-10049520 2CNN RT(1605321906579 0) q(0 0 0 -1) r(0 0)
content-length: 2060
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 May 2020 16:39:59 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "c78-5a6f4543bf83c"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=29248, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:34 GMT

GET
H2 200 cyber-defense.png
digital-forensics.sans.org/images/design/custom/site-selector/site-icons/ 1 KB
2 KB 30ms
26ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/design/custom/site-selector/site-icons/cyber-defense.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d24fdfd774af36db06be4c1a229d841d1798983f408d3eddb25827fae18bb7b1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
x-content-type-options: nosniff, nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050069-10049543 2CNN RT(1605321906580 0) q(0 0 0 -1) r(0 0)
content-length: 1493
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 May 2020 16:39:59 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "651-5a6f4543bf82d"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 pentest.png
digital-forensics.sans.org/images/design/custom/site-selector/site-icons/ 1 KB
2 KB 31ms
27ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/design/custom/site-selector/site-icons/pentest.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1a94a7e433b020b7bc8c84434d231288761fdd5661d458309dcbdcb1e3fd267e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
x-content-type-options: nosniff, nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050070-10048002 2CNN RT(1605321906581 0) q(0 0 0 -1) r(0 0)
content-length: 1494
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 May 2020 16:39:59 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "69e-5a6f4543bf86d"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 ics.png
digital-forensics.sans.org/images/design/custom/site-selector/site-icons/ 3 KB
3 KB 36ms
32ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/design/custom/site-selector/site-icons/ics.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

acfd97403f7d84235370af15a11711981e3b2b4e3a7c92d65c9aee07cfe85d03

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
x-content-type-options: nosniff, nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050071-10048002 2CNN RT(1605321906586 0) q(0 0 0 -1) r(0 0)
content-length: 2967
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 May 2020 16:39:59 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "b97-5a6f4543bf832"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 ssi.png
digital-forensics.sans.org/images/design/custom/site-selector/site-icons/ 1 KB
2 KB 37ms
33ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/design/custom/site-selector/site-icons/ssi.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bbdb902706ef76b2034a4059d4c61c81751fb61ce99b75af4b4b6021c01337a1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
x-content-type-options: nosniff, nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050072-10049520 2CNN RT(1605321906587 0) q(0 0 0 -1) r(0 0)
content-length: 1388
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 May 2020 16:39:59 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "5f4-5a6f4543bf7a4"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 sic.png
digital-forensics.sans.org/images/design/custom/site-selector/site-icons/ 5 KB
5 KB 37ms
34ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/design/custom/site-selector/site-icons/sic.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5eb682c4e68f9a2083ba0a4a94205731aa897b828297cb797b5fbb07a66c389d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
x-content-type-options: nosniff, nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050073-10047711 2CNN RT(1605321906587 0) q(0 0 0 -1) r(0 0)
content-length: 5100
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 May 2020 16:39:59 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "1846-5a6f4543bf7b8"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 addSearch.js Show response
digital-forensics.sans.org/scripts/ 2 KB
862 B 23ms
22ms Script
application/javascript 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/scripts/addSearch.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ef543144cb29d55ff80cedd2c6636e037532fa1cb924a3f1e4ff38c316559090

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050061-10050057 2CNN RT(1605321906569 0) q(0 0 0 -1) r(0 0)
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 750
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Nov 2020 23:22:24 GMT
x-frame-options: SAMEORIGIN
etag: "6c5-5b3f12f344c00-gzip"
expect-ct: max-age=84600; enforce
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 EZTools_logo.png
digital-forensics.sans.org/images/ 7 KB
8 KB 154ms
150ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/EZTools_logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

337868752963469d82420146fe8aabe42b5ae6ee7cf7cb8a784af844a234016c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556926; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:07 GMT
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050074-10048002 2NNN RT(1605321906588 0) q(0 0 0 -1) r(2 2) U18
content-length: 7138
x-xss-protection: 1; mode=block
x-level: live
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 13 Nov 2020 22:23:22 GMT
x-frame-options: SAMEORIGIN
etag: "1be2-5b40479ed0a80"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31556926; includeSubdomains
content-type: image/png
cache-control: max-age=86400, public
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes

GET
H2 200 eric-zimmerman.png
digital-forensics.sans.org/images/ 29 KB
30 KB 258ms
254ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/eric-zimmerman.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a36f5ac31293a82fc85320a74c2be7380ff7e7fa19d303a57d94a4a3cd446e50

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556926; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:07 GMT
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050075-10049520 2NNN RT(1605321906589 0) q(0 0 0 -1) r(3 3) U18
content-length: 29774
x-xss-protection: 1; mode=block
x-level: live
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 13 Nov 2020 22:23:22 GMT
x-frame-options: SAMEORIGIN
etag: "744e-5b40479ed0a80"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31556926; includeSubdomains
content-type: image/png
cache-control: max-age=86400, public
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes

GET
H2 200 logo-footer.png
digital-forensics.sans.org/images/design-site/ 3 KB
4 KB 39ms
36ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/design-site/logo-footer.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

853c5938cf9fcf531a2576dffb20245d5717b1d62d38d227730312c13716b6fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:07 GMT
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050076-10047711 2CNN RT(1605321906590 0) q(0 0 0 -1) r(0 0)
content-length: 3539
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Nov 2020 23:22:24 GMT
x-frame-options: SAMEORIGIN
etag: "127e-5b3f12f344c00"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:36 GMT

GET
H2 200 twitter-icon.png
digital-forensics.sans.org/images/design/custom/icons/ 639 B
796 B 47ms
44ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/design/custom/icons/twitter-icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d2c9242a9535f2a13732419552d5ae8d2df5e95ffb82bdd128fdfc1c28f49efc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
x-content-type-options: nosniff, nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050077-10049543 2CNN RT(1605321906591 0) q(0 0 0 -1) r(0 0)
content-length: 639
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 May 2020 16:40:05 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "4aa-5a6f454978727"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 facebook-icon.png
digital-forensics.sans.org/images/design/custom/icons/ 1 KB
1 KB 48ms
45ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/design/custom/icons/facebook-icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b5bbeebd5672dcff16587652d5380c9ce294d0111eb6f82368da1f5dd113792c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
x-content-type-options: nosniff, nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050078-10050057 2CNN RT(1605321906591 0) q(0 0 0 -1) r(0 0)
content-length: 1214
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 May 2020 16:40:05 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "4be-5a6f454978746"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 rss-icon.png
digital-forensics.sans.org/images/design/custom/icons/ 1 KB
2 KB 48ms
45ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/design/custom/icons/rss-icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

945790cd5a06da05916a9d54b0b267c7a1d7183a1f23eb8b0686ec6e125c42df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
x-content-type-options: nosniff, nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050079-10049518 2CNN RT(1605321906592 0) q(0 0 0 -1) r(1 1)
content-length: 1425
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 May 2020 16:40:10 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "5ab-5a6f454e3cf21"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 _Incapsula_Resource Show response
digital-forensics.sans.org/ 133 KB
19 KB 45ms
43ms Script
application/javascript 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1726321119

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0d63d336427c54a2dea0b6356a95f02d4fbd6da969c98a6b145b81809b9fb764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 19398
content-type: application/javascript

GET
H2 200 all.css
digital-forensics.sans.org/css2/common/libs/fontawesome5/css/ 45 KB
10 KB 20ms
20ms Stylesheet
text/css 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/css2/common/libs/fontawesome5/css/all.css

Requested by

Host: digital-forensics.sans.org
URL: https://digital-forensics.sans.org/css2/common/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/css2/common/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050059-10047711 2CNN RT(1605321906064 0) q(0 0 0 -1) r(0 0)
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 9929
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Nov 2020 23:22:23 GMT
x-frame-options: SAMEORIGIN
etag: "b277-5b3f12f2509c0-gzip"
expect-ct: max-age=84600; enforce
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=29250, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:36 GMT

OPTIONS
H2 200 free.min.css
ka-f.fontawesome.com/releases/v5.15.1/css/ Frame 0
0 37ms
21ms Other 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/css/free.min.css
Protocol: H2
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: fa-kit-token
Origin: https://digital-forensics.sans.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
date: Sat, 14 Nov 2020 02:45:07 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
x-cache: Hit from cloudfront
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: zAGhYKaI4hFAOeXmwlEim2GJ24NxLBmepmxKElyOy0Yfm9Irsqo4Hg==
age: 39795
cf-cache-status: DYNAMIC
cf-request-id: 06663d73bc00002b4dbc2d8000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EFxAp5Wkph8KrFM4NIcxU5l67Obt%2F3r2S13i6O9Hj3rWbGybXmYylNkduTwiMe4J4DDAGzVJ%2BYUGNdOGMgsI2ONIEvNN4AWFZuimotzlZ6vOy3mfT%2FWd4BeK62Lcrlrzbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f1d64ff8c212b4d-FRA

GET
H2 200 gas.min.js Show response
digital-forensics.sans.org/scripts/libs/GAS/ 16 KB
5 KB 50ms
47ms Script
application/javascript 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/scripts/libs/GAS/gas.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

084224ec4da00481d9247f975de9efd248b15871b29dd21e774f670edae1484f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050081-10050057 2CNN RT(1605321906599 0) q(0 1 1 -1) r(1 1)
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 5365
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Nov 2020 23:22:24 GMT
x-frame-options: SAMEORIGIN
etag: "3eff-5b3f12f344c00-gzip"
expect-ct: max-age=84600; enforce
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.1/css/ 59 KB
13 KB 16ms
16ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/css/free.min.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4e8a304c49.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f02bd6f018d6f08c37c39f2d114101beac342c2c065046635e5ed0c42853590

Request headers

Referer: https://digital-forensics.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
fa-kit-token: 4e8a304c49

Response headers

date: Sat, 14 Nov 2020 02:45:07 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 840706
x-cache: Hit from cloudfront
status: 200
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 06663d73d000002b4dce390000000001
last-modified: Wed, 14 Oct 2020 21:18:07 GMT
server: cloudflare
etag: W/"319d424ba89a84bbd230a3b5f7024193"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hcEQYBJ5W9oWfYGfR%2B9SBgjynuGHpyeLHx6uC0aiIu7Ey6e%2FrlZor83ZhHDJAfElEksDDPYUCjjQQDKbuUAEuU96uRzbUCcEx6pYmbAhWUYOvHV%2FgoaW6ywiUN3nKkZppg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA6-C1
cf-ray: 5f1d64ffbc5f2b4d-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 4y2K6fxxw2fyhMHnFbqAxnkpdImRtOzXLQDODhlqXMFwAgBxAfxJyg==

GET
H2 200 topbg_black.gif
digital-forensics.sans.org/images/design/standard/ 1 KB
2 KB 172ms
169ms Image
image/gif 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/design/standard/topbg_black.gif

Requested by

Host: digital-forensics.sans.org
URL: https://digital-forensics.sans.org/css2/common/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

339b892802d00883a0dd4398ec3ec65c321c6790361b9337e7a0f1b578b86df9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/css2/common/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
x-content-type-options: nosniff, nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050082-10049518 2VNN RT(1605321906602 0) q(0 0 0 -1) r(1 1)
content-length: 1480
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 May 2020 16:40:18 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "5c8-5a6f4555de0cf"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: max-age=86400, public
content-security-policy: frame-ancestors 'self'
expires: Sun, 15 Nov 2020 02:45:06 GMT

GET
H2 200 site-switcher.png
digital-forensics.sans.org/images/design/custom/site-selector/ 1 KB
1 KB 52ms
50ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/design/custom/site-selector/site-switcher.png

Requested by

Host: digital-forensics.sans.org
URL: https://digital-forensics.sans.org/css2/common/site_selector.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

03a29d65b63160f86f692fdbf5fd8d9212e037ac09b56d41fe836989e0b7f916

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/css2/common/site_selector.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
x-content-type-options: nosniff, nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050083-10047711 2CNN RT(1605321906603 0) q(0 0 0 -1) r(0 0)
content-length: 1128
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 May 2020 16:39:59 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "468-5a6f4543bf799"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 information.png
digital-forensics.sans.org/images/icons/fugue3.0/icons-24/ 2 KB
2 KB 52ms
50ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/icons/fugue3.0/icons-24/information.png

Requested by

Host: digital-forensics.sans.org
URL: https://digital-forensics.sans.org/css2/common/site_selector.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

786bfc0796f7d9c1483f7a4f333bd17186e2305a6fdb1f488651d4cc263e794d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/css2/common/site_selector.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
x-content-type-options: nosniff, nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050084-10049543 2CNN RT(1605321906604 0) q(0 0 0 -1) r(0 0)
content-length: 1541
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 May 2020 16:39:19 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "615-5a6f451d99f0d"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H/1.1 200
OK / Show response
addsearch.com/searchui/v3/ 54 KB
14 KB 121ms
48ms Script
application/javascript 52.166.11.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://addsearch.com/searchui/v3/?key=58b8a4a0d3818cf198ff88f660f8f8f9&i=

Requested by

Host: digital-forensics.sans.org
URL: https://digital-forensics.sans.org/scripts/addSearch.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.11.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

9f1fbf5d497983fb418d31b11efbd82a5c9ba55856a384d0eb81d4b0e83b14b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;

Request headers

Referer: https://digital-forensics.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 02:45:07 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubdomains;

GET
H2 200 yEmLuj3oDzs
www.youtube.com/embed/ Frame 5AF3 0
0 117ms
96ms Document
text/html 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/yEmLuj3oDzs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/yEmLuj3oDzs
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://digital-forensics.sans.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://digital-forensics.sans.org/

Response headers

status: 200
expires: Tue, 27 Apr 1971 19:44:06 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache
content-length: 19966
strict-transport-security: max-age=31536000
date: Sat, 14 Nov 2020 02:45:07 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=eQDKUybySQw; path=/; domain=.youtube.com; secure; expires=Thu, 13-May-2021 02:45:07 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=eQDKUybySQw; path=/; domain=.youtube.com; secure; expires=Thu, 13-May-2021 02:45:07 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sat, 14-Nov-2020 03:15:07 GMT YSC=1y8d-seUndg; path=/; domain=.youtube.com; secure; httponly; samesite=None
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 GhCZfCzn2l0
www.youtube.com/embed/ Frame BA19 0
0 147ms
128ms Document
text/html 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/GhCZfCzn2l0?enablejsapi=1&rel=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/GhCZfCzn2l0?enablejsapi=1&rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://digital-forensics.sans.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://digital-forensics.sans.org/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache
expires: Tue, 27 Apr 1971 19:44:06 GMT
strict-transport-security: max-age=31536000
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-length: 20156
x-content-type-options: nosniff
date: Sat, 14 Nov 2020 02:45:07 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=RqL06O-oitE; path=/; domain=.youtube.com; secure; expires=Thu, 13-May-2021 02:45:07 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=RqL06O-oitE; path=/; domain=.youtube.com; secure; expires=Thu, 13-May-2021 02:45:07 GMT; httponly; samesite=None YSC=ObLk-W8tcAI; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sat, 14-Nov-2020 03:15:07 GMT
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK AAAAAA-20.png
addsearch.com/logo/ 631 B
912 B 99ms
32ms Image
image/png 52.166.11.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://addsearch.com/logo/AAAAAA-20.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.11.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

048de346782234f3d5258455744f6f562237cb6c16f4dbbcd287e07582bd14f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;

Request headers

Referer: https://digital-forensics.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 02:45:07 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 631
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Diavlo_LIGHT_II_37.otf
digital-forensics.sans.org/fonts/ 33 KB
33 KB 19ms
19ms Font
application/vnd.oasis.opendocument.formula-template 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/fonts/Diavlo_LIGHT_II_37.otf

Requested by

Host: digital-forensics.sans.org
URL: https://digital-forensics.sans.org/css2/common/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

27169de0753bb6bd81452655e1c3c261b8f0b72cf5fc0db4cbe1780dedaf6bd6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Origin: https://digital-forensics.sans.org
Referer: https://digital-forensics.sans.org/css2/common/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
x-content-type-options: nosniff, nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050085-10047711 2CNN RT(1605321906606 0) q(0 0 0 -1) r(0 0)
content-length: 33404
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Jan 2017 23:16:01 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "827c-545d9c8b3d26d"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/vnd.oasis.opendocument.formula-template
cache-control: max-age=51762, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 17:07:48 GMT

GET
H2 200 col_border.png
digital-forensics.sans.org/images/design/custom/misc/ 249 B
445 B 20ms
20ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/design/custom/misc/col_border.png

Requested by

Host: digital-forensics.sans.org
URL: https://digital-forensics.sans.org/css2/common/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d463e81153e6f5a05f54f079ca4930228b4263e33f8557a4231295db4ca8414d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/css2/common/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:07 GMT
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050086-10047711 2CNN RT(1605321906613 0) q(0 0 0 -1) r(0 0) U18
content-length: 249
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 May 2020 16:40:01 GMT
x-frame-options: SAMEORIGIN
etag: "f9-5a6f4545a7b9b"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=29319, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:53:46 GMT

GET
H2 200 footer_fade.png
digital-forensics.sans.org/images/design/custom/misc/ 175 B
339 B 28ms
28ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/images/design/custom/misc/footer_fade.png

Requested by

Host: digital-forensics.sans.org
URL: https://digital-forensics.sans.org/css2/common/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f08044440f12dba2ba84779cc1034fbf90b68b70a9d95650aa26b716ae336bec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/css2/common/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
x-content-type-options: nosniff, nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050087-10050088 2CNN RT(1605321906614 0) q(0 0 0 -1) r(0 0)
content-length: 175
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 31 May 2020 16:40:00 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "af-5a6f4544b38f1"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
cache-control: max-age=29249, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:35 GMT

GET
H2 200 fontawesome-webfont.woff
digital-forensics.sans.org/fonts/FontAwesome/ 70 KB
70 KB 21ms
20ms Font
application/font-woff 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/fonts/FontAwesome/fontawesome-webfont.woff

Requested by

Host: digital-forensics.sans.org
URL: https://digital-forensics.sans.org/css2/common/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3870de89716b72cb61a4bba0e17c75783b361cdaba35ea96961c3070bd8ca18

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Origin: https://digital-forensics.sans.org
Referer: https://digital-forensics.sans.org/css2/common/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:06 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050089-10049543 2CNN RT(1605321906616 0) q(0 0 0 -1) r(0 0)
content-length: 71505
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Jan 2017 23:16:02 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
etag: "11754-545d9c8c310df"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/font-woff
cache-control: max-age=29250, public
content-security-policy: frame-ancestors 'self'
expires: Sat, 14 Nov 2020 10:52:36 GMT

GET
H2 200 fa-solid-900.woff2
digital-forensics.sans.org/css2/common/libs/fontawesome5/webfonts/ 58 KB
59 KB 132ms
131ms Font
text/plain 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/css2/common/libs/fontawesome5/webfonts/fa-solid-900.woff2

Requested by

Host: digital-forensics.sans.org
URL: https://digital-forensics.sans.org/css2/common/libs/fontawesome5/css/all.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

dabc5611fef3e9312a45efe21ea1bd50bc9e2c13e8f54b74384bfa09ad58a886

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556926; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://digital-forensics.sans.org
Referer: https://digital-forensics.sans.org/css2/common/libs/fontawesome5/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:07 GMT
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050090-10050044 PNNN RT(1605321906617 0) q(0 0 0 -1) r(1 1) U18
content-length: 59572
x-xss-protection: 1; mode=block
x-level: live
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 13 Nov 2020 22:23:22 GMT
x-frame-options: SAMEORIGIN
etag: "e8b4-5b40479ed0a80"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31556926; includeSubdomains
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes

GET
H2 200 fa-brands-400.woff2
digital-forensics.sans.org/css2/common/libs/fontawesome5/webfonts/ 62 KB
62 KB 241ms
240ms Font
text/plain 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/css2/common/libs/fontawesome5/webfonts/fa-brands-400.woff2

Requested by

Host: digital-forensics.sans.org
URL: https://digital-forensics.sans.org/css2/common/libs/fontawesome5/css/all.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

70fcd86984dd880808a91726fd9b52f6eba86463d9ec101cd8ed2e72bb356514

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556926; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://digital-forensics.sans.org
Referer: https://digital-forensics.sans.org/css2/common/libs/fontawesome5/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:07 GMT
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050091-10050092 NNNY CT(0 0 0) RT(1605321906618 0) q(0 0 0 -1) r(1 2) U18
content-length: 63376
x-xss-protection: 1; mode=block
x-level: live
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 13 Nov 2020 22:23:22 GMT
x-frame-options: SAMEORIGIN
etag: "f790-5b40479ed0a80"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31556926; includeSubdomains
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes

GET
H2 200 jquery-ui.css
digital-forensics.sans.org/css2/common/ 34 KB
6 KB 150ms
150ms Stylesheet
text/css 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/css2/common/jquery-ui.css

Requested by

Host: digital-forensics.sans.org
URL: https://digital-forensics.sans.org/scripts/libs/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f025f16d888ce1c0910bd11a5edbd69b88c6499db3360bbe7a3b299d304ee839

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556926; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050093-10050088 2NNN RT(1605321906662 0) q(0 0 0 -1) r(1 1)
strict-transport-security: max-age=31556926; includeSubdomains
content-length: 5967
x-xss-protection: 1; mode=block
x-level: live
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 13 Nov 2020 22:23:21 GMT
x-frame-options: SAMEORIGIN
etag: "88c1-5b40479ddc840-gzip"
expect-ct: max-age=84600; enforce
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400, public
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes

GET
H2 200 get-countries-json Show response
digital-forensics.sans.org/gdpr/ 16 KB
4 KB 350ms
350ms XHR
application/json 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/gdpr/get-countries-json

Requested by

Host: digital-forensics.sans.org
URL: https://digital-forensics.sans.org/scripts/libs/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

94e733cf4138a9ec140a5a5c87e4d1f533717c6ecbb717a0ba61253911cedd7c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556926; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050094-10050097 NNYY CT(0 0 0) RT(1605321906663 0) q(0 1 1 -1) r(2 3) U2
x-xss-protection: 1; mode=block
x-level: live
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31556926; includeSubdomains
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.counterhackchallenges.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-ancestors 'self'
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 get-countries-json Show response
digital-forensics.sans.org/gdpr/ 16 KB
4 KB 386ms
385ms XHR
application/json 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/gdpr/get-countries-json

Requested by

Host: digital-forensics.sans.org
URL: https://digital-forensics.sans.org/scripts/libs/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

94e733cf4138a9ec140a5a5c87e4d1f533717c6ecbb717a0ba61253911cedd7c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556926; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050095-10050099 NNYY CT(0 0 0) RT(1605321906664 0) q(0 1 1 -1) r(3 4) U2
x-xss-protection: 1; mode=block
x-level: live
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31556926; includeSubdomains
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.counterhackchallenges.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-ancestors 'self'
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 get-gdpr-notice Show response
digital-forensics.sans.org/gdpr/ 5 KB
2 KB 391ms
391ms XHR
application/json 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://digital-forensics.sans.org/gdpr/get-gdpr-notice

Requested by

Host: digital-forensics.sans.org
URL: https://digital-forensics.sans.org/scripts/libs/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2d23c81ab26b0adc84c9d2a1517087a171fa119236f92a29dbd0aad343b06453

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556926; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050096-10050100 NNYY CT(0 0 0) RT(1605321906665 0) q(0 1 1 -1) r(4 4) U2
x-xss-protection: 1; mode=block
x-level: live
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31556926; includeSubdomains
content-type: application/json
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-ancestors 'self'
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 _Incapsula_Resource
digital-forensics.sans.org/ 1 B
36 B 20ms
18ms Image
text/plain 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/_Incapsula_Resource?SWKMTFSR=1&e=0.10665733886129569

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 16ms
15ms Script
text/javascript 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: digital-forensics.sans.org
URL: https://digital-forensics.sans.org/scripts/libs/GAS/gas.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://digital-forensics.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4815
date: Sat, 14 Nov 2020 01:24:52 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Sat, 14 Nov 2020 03:24:52 GMT

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.1/webfonts/ 78 KB
79 KB 12ms
12ms Font
font/woff2 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/webfonts/free-fa-solid-900.woff2
Requested by: Host: digital-forensics.sans.org
URL: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01a8d61bd9bb710ec94faf399b0fd995ccbac02771968c87d00df45321595a2d

Request headers

Origin: https://digital-forensics.sans.org
Referer: https://digital-forensics.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:07 GMT
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 405498
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
access-control-allow-methods: GET
content-length: 80284
cf-request-id: 06663d745000002b4df3262000000001
last-modified: Wed, 14 Oct 2020 21:22:07 GMT
server: cloudflare
etag: "5bc7518675e40f7be7ce3704db73b1c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jYT8dDr0ANUhdKkNk2xDTINFOZNBt%2BpVyx6pULVl1Wr7p631L4n6LTPKcr1DM2zHkZc5fKeIPBY49uMaQ0VU0TSer7R%2Fch%2FiTi7%2BFN5MaEDibLihGKU1uHnBKgvzfBD86w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 5f1d65007de42b4d-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: EpF4wdHCVvjvyTUYUSnKo8Jn_k4Fc_SKHhhI2UtW1IH4YDya36t1NA==

GET
H2 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.1/webfonts/ 77 KB
77 KB 16ms
16ms Font
font/woff2 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/webfonts/free-fa-brands-400.woff2
Requested by: Host: digital-forensics.sans.org
URL: https://digital-forensics.sans.org/community/downloads/digital-forensics-tools?utm_medium=Email&utm_source=HL&utm_content=SANS+Free+Resources+EZTools&utm_campaign=SANS+Resources
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a9f8f6016e85df96481c714a732c64f3b82281c46a5a6f4044a4a62d8276078

Request headers

Origin: https://digital-forensics.sans.org
Referer: https://digital-forensics.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:07 GMT
via: 1.1 d8328954e51c0912a8419c1a67cea1dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 938653
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 3000
access-control-allow-methods: GET
content-length: 78524
cf-request-id: 06663d745200002b4dcd886000000001
last-modified: Wed, 14 Oct 2020 21:22:07 GMT
server: cloudflare
etag: "9875115c0a4706e6431b8ddc45afd3c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YxoSL%2Fd%2F0gp52QLn6aEKHZRac6xWxin9Dh%2FY%2FPgSOb6s4TccOa4FStYQGLveCL%2FBDCHV2PcMPfnjN5yZxGVTg9aEHrwBHClsCGOuQHfzY3JYovJBj4PdPMSF1h6jBB5yLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
cf-ray: 5f1d65008de92b4d-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: ontIHJNXMz0xXZ5RUmYLuZOT6O8_z0QagT6PS8IdH1SAP0NokINS7A==

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-Q050 200 player_api Show response
www.youtube.com/ 859 B
970 B 77ms
76ms Script
application/javascript 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: digital-forensics.sans.org
URL: https://digital-forensics.sans.org/scripts/libs/GAS/gas.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

a779d1241226008bf4efa4055b8f99151540ccdf524b7e0687f63eff2e2ec3a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://digital-forensics.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:07 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1744085172&utmhn=digital-forensics.sans.org&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0...
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25324117-2&cid=17013982.1605321907&jid=2127053437&_v=5.7.2dc&z=1744085172
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25324117-2&cid=17013982.1605321907&jid=2127053437&_v=5.7.2dc&z=1744085172&slf_rd=1&random=1817251398

42 B
107 B

18ms
17ms

Image
image/gif

2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25324117-2&cid=17013982.1605321907&jid=2127053437&_v=5.7.2dc&z=1744085172&slf_rd=1&random=1817251398

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://digital-forensics.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Nov 2020 02:45:07 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Nov 2020 02:45:07 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-25324117-2&cid=17013982.1605321907&jid=2127053437&_v=5.7.2dc&z=1744085172&slf_rd=1&random=1817251398
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflTj3NPM/ 100 KB
36 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflTj3NPM/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

325bdbcd9ffd6f5542609ff47aa3cbcad79c64802fb1119414d43d342d809273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://digital-forensics.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 14:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216003
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36644
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 13:47:00 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 19 Nov 2020 14:45:04 GMT

GET
H2 200 ui-bg_flat_75_ffffff_40x100.png
digital-forensics.sans.org/css2/common/images/ 178 B
649 B 136ms
135ms Image
image/png 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digital-forensics.sans.org/css2/common/images/ui-bg_flat_75_ffffff_40x100.png

Requested by

Host: digital-forensics.sans.org
URL: https://digital-forensics.sans.org/css2/common/jquery-ui.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

39ab7ccd9f4e82579da78a9241265df288d8eb65dbbd7cf48aed2d0129887df5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556926; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://digital-forensics.sans.org/css2/common/jquery-ui.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 02:45:07 GMT
x-content-type-options: nosniff
x-cdn: Incapsula
status: 200
x-iinfo: 6-10050101-10049520 2NNN RT(1605321907046 0) q(0 0 0 -1) r(1 1)
content-length: 178
x-xss-protection: 1; mode=block
x-level: live
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 13 Nov 2020 22:23:21 GMT
x-frame-options: SAMEORIGIN
etag: "b2-5b40479ddc840"
expect-ct: max-age=84600; enforce
strict-transport-security: max-age=31556926; includeSubdomains
content-type: image/png
cache-control: max-age=86400, public
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
digital-forensics.sans.org/	1970-01-19 14:05:26	Name: AWSALBCORS Value: tQET3YoLKu/yQglRKmxnGfWS0lDKJZ5uXDY9bThadyayMxgR1jPdcIfhLfbC4N6RSo7Y2ApDl6UbSbzGTvOAay9+SXCJWfLeE7Y2NVg8o1K75toLzOjd9IeNvKmQ
.digital-forensics.sans.org/	1970-01-19 13:55:23	Name: __utmb Value: 71453702.1.10.1605321907
.digital-forensics.sans.org/	1970-01-19 18:18:09	Name: __utmz Value: 71453702.1605321907.1.1.utmcsr=HL\|utmccn=SANS%20Resources\|utmcmd=Email\|utmcct=SANS%20Free%20Resources%20EZTools
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ObLk-W8tcAI
digital-forensics.sans.org/	1970-01-19 14:05:26	Name: AWSALB Value: tQET3YoLKu/yQglRKmxnGfWS0lDKJZ5uXDY9bThadyayMxgR1jPdcIfhLfbC4N6RSo7Y2ApDl6UbSbzGTvOAay9+SXCJWfLeE7Y2NVg8o1K75toLzOjd9IeNvKmQ
.sans.org/	1970-01-19 22:39:52	Name: visid_incap_1819929 Value: VFdEboJATtegdZlgEcF0wbFEr18AAAAAQUIPAAAAAAD8tnPdtDEoqoCffth/ruks
.digital-forensics.sans.org/	1970-01-20 07:26:33	Name: __utma Value: 71453702.17013982.1605321907.1605321907.1605321907.1
.sans.org/	1969-12-31 23:59:59	Name: incap_ses_697_1819929 Value: iDYAIjWPNRSlCLEy/T2sCbFEr18AAAAAVnNQMJ2qXzn2uxvJQNB4yg==
.digital-forensics.sans.org/	1969-12-31 23:59:59	Name: __utmc Value: 71453702
.digital-forensics.sans.org/	1970-01-19 13:55:22	Name: __utmt Value: 1
.sans.org/	1970-01-19 13:56:48	Name: sans_awa Value: eyJyZWZlcnJlcl91cmwiOiJkaXJlY3QiLCJ1dG1fY2FtcGFpZ24iOiJTQU5TIFJlc291cmNlcyIsInV0bV9zb3VyY2UiOiJITCIsInV0bV9jb250ZW50IjoiU0FOUyBGcmVlIFJlc291cmNlcyBFWlRvb2xzIiwidXRtX21lZGl1bSI6IkVtYWlsIn0%3D
.sans.org/	1969-12-31 23:59:59	Name: nlbi_1819929 Value: AqqyRVqbswWkSjLOLyVZfwAAAAB82/BCe1wlSZmoSkWwmrWD
.youtube.com/	1970-01-19 18:14:33	Name: VISITOR_INFO1_LIVE Value: RqL06O-oitE
.digital-forensics.sans.org/	1969-12-31 23:59:59	Name: no-edge Value: 1
.digital-forensics.sans.org/	1969-12-31 23:59:59	Name: sans Value: 5ieukhek1hor57s6kpebgjuoe6

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31556926; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

addsearch.com
click.email.sans.org
digital-forensics.sans.org
ka-f.fontawesome.com
kit.fontawesome.com
s.ytimg.com
stats.g.doubleclick.net
www.google.com
www.google.de
www.youtube.com
136.147.189.155
2606:4700::6812:1634
2606:4700:e6::ac40:cb1c
2a00:1450:4001:803::200e
2a00:1450:4001:81b::2003
2a00:1450:4001:81f::2004
2a00:1450:4001:81f::200e
2a00:1450:400c:c00::9c
2a00:1450:400c:c03::9b
45.60.33.34
52.166.11.26
01a8d61bd9bb710ec94faf399b0fd995ccbac02771968c87d00df45321595a2d
03a29d65b63160f86f692fdbf5fd8d9212e037ac09b56d41fe836989e0b7f916
048de346782234f3d5258455744f6f562237cb6c16f4dbbcd287e07582bd14f6
084224ec4da00481d9247f975de9efd248b15871b29dd21e774f670edae1484f
08437a64c380db83be2d703c3077615332a21a4d563ddddfa5f68aac03de20b4
0d5c653d4c83c7f99ad509a99524ac200722c9fc5d06cab55e572d4555d02add
0d6271f6c1c509d78ee10f14174542be0db49486fe7c23201c1b517a063f578e
0d63d336427c54a2dea0b6356a95f02d4fbd6da969c98a6b145b81809b9fb764
15cee062c824ff37555475cf9a65d1e051985171ed2dbd0d6dde83b972266429
1a94a7e433b020b7bc8c84434d231288761fdd5661d458309dcbdcb1e3fd267e
27169de0753bb6bd81452655e1c3c261b8f0b72cf5fc0db4cbe1780dedaf6bd6
2d23c81ab26b0adc84c9d2a1517087a171fa119236f92a29dbd0aad343b06453
325bdbcd9ffd6f5542609ff47aa3cbcad79c64802fb1119414d43d342d809273
337868752963469d82420146fe8aabe42b5ae6ee7cf7cb8a784af844a234016c
339b892802d00883a0dd4398ec3ec65c321c6790361b9337e7a0f1b578b86df9
39ab7ccd9f4e82579da78a9241265df288d8eb65dbbd7cf48aed2d0129887df5
3fc70ef8ae9e69f4b82cecf14ce9dd07263d875e90ce2de557adde033ca9f95e
421b0c430fd63e35e1d0c6c5e4918918f94d2f06a28c3790edf87689c46ab86b
4b117b4866b69f4e913ca47941631aa684f141648070df70f76ad0a62269f2bc
4f02bd6f018d6f08c37c39f2d114101beac342c2c065046635e5ed0c42853590
5a9f8f6016e85df96481c714a732c64f3b82281c46a5a6f4044a4a62d8276078
5eb682c4e68f9a2083ba0a4a94205731aa897b828297cb797b5fbb07a66c389d
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
70fcd86984dd880808a91726fd9b52f6eba86463d9ec101cd8ed2e72bb356514
73ee4eef63ce261015f3c896e229a478865e56769ebaa1ed897c0522b50ba10e
786bfc0796f7d9c1483f7a4f333bd17186e2305a6fdb1f488651d4cc263e794d
792008e5b473721bda679bb0996576d499f06f87affe10d3a1dae5b62c25919d
853c5938cf9fcf531a2576dffb20245d5717b1d62d38d227730312c13716b6fb
8b6686b581339322543d8bbbf5c97c1a073b72c43dfa165897cbd74081933fe8
945790cd5a06da05916a9d54b0b267c7a1d7183a1f23eb8b0686ec6e125c42df
94e733cf4138a9ec140a5a5c87e4d1f533717c6ecbb717a0ba61253911cedd7c
9f1fbf5d497983fb418d31b11efbd82a5c9ba55856a384d0eb81d4b0e83b14b1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a36f5ac31293a82fc85320a74c2be7380ff7e7fa19d303a57d94a4a3cd446e50
a5f66b4a7b85563b0bed83305c3f678b2d788630af52b20bcf3a40c3cc62fbb1
a7705c77a9c0abd3d955498bdcf759a45abc08dd186e3356a63317cb0fb3a179
a779d1241226008bf4efa4055b8f99151540ccdf524b7e0687f63eff2e2ec3a6
acacf7aa53cbcf93e5d82584233bb6c3be07898bfccb2a8384f0edd83e381fd1
acfd97403f7d84235370af15a11711981e3b2b4e3a7c92d65c9aee07cfe85d03
ae36a366c894c9e1543420a9183a1a0067d942804fc71b617eb00101de93a931
b341da27af0df3b1a684241bf1435aba85361e7bc7aa7c1e5a8882bfa3e459a9
b5bbeebd5672dcff16587652d5380c9ce294d0111eb6f82368da1f5dd113792c
bbdb902706ef76b2034a4059d4c61c81751fb61ce99b75af4b4b6021c01337a1
bd7b398090fc36d37202f7cc1f61272698dfb97f611509e21061905840aacef5
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
d13dda66728e0602194ae8bc790433e54d79478099012c3d1cf8bd4bc96314a4
d24fdfd774af36db06be4c1a229d841d1798983f408d3eddb25827fae18bb7b1
d2c9242a9535f2a13732419552d5ae8d2df5e95ffb82bdd128fdfc1c28f49efc
d463e81153e6f5a05f54f079ca4930228b4263e33f8557a4231295db4ca8414d
dabc5611fef3e9312a45efe21ea1bd50bc9e2c13e8f54b74384bfa09ad58a886
e3870de89716b72cb61a4bba0e17c75783b361cdaba35ea96961c3070bd8ca18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb80ede12c39d40bb699e63448e9d2dc2beff0a0ff6c47d73adf43e07b403eb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef543144cb29d55ff80cedd2c6636e037532fa1cb924a3f1e4ff38c316559090
f025f16d888ce1c0910bd11a5edbd69b88c6499db3360bbe7a3b299d304ee839
f08044440f12dba2ba84779cc1034fbf90b68b70a9d95650aa26b716ae336bec
f8e97c36779891ad251153beefb65310c9610d128bd05cb464865a248607ee1c
ff7cd83b6ba83a8477cc9e33a1a96368c279494c0e0a56c0e2cafd24e79cca78

digital-forensics.sans.org Open in urlscan Pro 45.60.33.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

100 %HTTPS

73 %IPv6

8 Domains

10 Subdomains

9 IPs

4 Countries

743 kBTransfer

1590 kBSize

15 Cookies

58 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

digital-forensics.sans.org Open in urlscan Pro
45.60.33.34 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

100 %
HTTPS

73 %
IPv6

8
Domains

10
Subdomains

9
IPs

4
Countries

743 kB
Transfer

1590 kB
Size

15
Cookies

62 HTTP transactions
1 data transactions