isc.sans.edu Open in urlscan Pro
45.60.31.34 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Submission: On May 08 via manual (May 8th 2024, 6:52:24 am UTC) from AU — Scanned from AU

Summary HTTP 34 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 34 HTTP transactions. The main IP is 45.60.31.34, located in United States and belongs to INCAPSULA, US. The main domain is isc.sans.edu. The Cisco Umbrella rank of the primary domain is 125726.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q1 on January 19th 2024. Valid for: 6 months.

This is the only time isc.sans.edu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
33	45.60.31.34 45.60.31.34		19551 (INCAPSULA) (INCAPSULA)
34	2

33 45.60.31.34 (United States)

ASN19551 (INCAPSULA, US)

isc.sans.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	sans.edu isc.sans.edu — Cisco Umbrella Rank: 125726	619 KB
34	1

	Domain	Requested by
33	isc.sans.edu	isc.sans.edu
34	1

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.tripwire.com
en.wikipedia.org
www.theregister.com
www.trendmicro.com
developers.cloudflare.com
www.netskope.com
github.com
www.nettles.cz
infosec.exchange
bsky.app
creativecommons.org
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-19` - `2024-07-17`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Frame ID: CADDD1FF514694C7B6092DDEAD45A3D8
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Increase in the number of phishing messages pointing to IPFS and to R2 buckets - SANS Internet Storm Center

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

34
Requests

97 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

619 kB
Transfer

948 kB
Size

6
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Fisc.sans.edu%2Fforums%2Fdiary%2F30744

Search URL Search Domain Scan URL

URL: http://twitter.com/share?text=Increase%20in%20the%20number%20of%20phishing%20messages%20pointing%20to%20IPFS%20and%20to%20R2%20buckets&url=https%3A%2F%2Fisc.sans.edu%2Fforums%2Fdiary%2F30744&via=SANS_ISC

Search URL Search Domain Scan URL

URL: https://www.tripwire.com/state-of-security/google-forms-used-call-back-phishing-scam
Title: 1

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/InterPlanetary_File_System
Title: 3

Search URL Search Domain Scan URL

URL: https://www.theregister.com/2022/07/29/ipfs_phishing_trustwave/
Title: 4

Search URL Search Domain Scan URL

URL: https://www.trendmicro.com/en_us/research/22/l/web3-ipfs-only-used-for-phishing---so-far.html
Title: 5

Search URL Search Domain Scan URL

URL: https://developers.cloudflare.com/r2/
Title: 7

Search URL Search Domain Scan URL

URL: https://developers.cloudflare.com/r2/buckets/public-buckets/
Title: 8

Search URL Search Domain Scan URL

URL: https://www.netskope.com/blog/evasive-phishing-campaign-steals-cloud-credentials-using-cloudflare-r2-and-turnstile
Title: 9

Search URL Search Domain Scan URL

URL: https://github.com/ipfs/public-gateway-checker/blob/main/gateways.json
Title: 10

Search URL Search Domain Scan URL

URL: https://twitter.com/jk0pr
Title: @jk0pr

Search URL Search Domain Scan URL

URL: https://www.nettles.cz/
Title: Nettles Consulting

Search URL Search Domain Scan URL

URL: https://infosec.exchange/@sans_isc
Title: Mastodon

Search URL Search Domain Scan URL

URL: https://bsky.app/profile/sansisc.bsky.social
Title: Bluesky

Search URL Search Domain Scan URL

URL: https://twitter.com/sans_isc
Title: X

Search URL Search Domain Scan URL

URL: https://creativecommons.org/licenses/by-nc-sa/4.0/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCfbOsqPmWg1H_34hTjKEW2A

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/groups?gid=35470

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/ 39 KB
14 KB 6028ms
5526ms Document
text/html 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

d9c49541262a54f412d4e157926c62a4c413a02a02f4fc38768cd20d1cb1885f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src https://isc.sans.edu https://snap.licdn.com https://www.youtube.com https://challenges.cloudflare.com 'self' 'unsafe-inline' unsafe-eval;style-src 'self' 'unsafe-inline';img-src 'self' https://isc.sans.edu data:;font-src 'self' data: https://fonts.gstatic.com;media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com https://chrt.fm/ https://www.dshield.org;object-src 'none';child-src 'self' https://www.sans.org;frame-src 'self' https://www.sans.org https://www.youtube.com https://challenges.cloudflare.com https://www.youtube-nocookie.com;connect-src 'self' https://isc.sans.edu https://www.dshield.org https://api.sans.org;worker-src 'none';frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org;form-action 'self';manifest-src 'self' https://isc.sans.edu https://feeds.dshield.org;report-uri https://isc.sans.edu/cspreport.html;upgrade-insecure-requests ;block-all-mixed-content
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=600, s-maxage=600, public
content-encoding: gzip
content-security-policy: default-src 'self';script-src https://isc.sans.edu https://snap.licdn.com https://www.youtube.com https://challenges.cloudflare.com 'self' 'unsafe-inline' unsafe-eval;style-src 'self' 'unsafe-inline';img-src 'self' https://isc.sans.edu data:;font-src 'self' data: https://fonts.gstatic.com;media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com https://chrt.fm/ https://www.dshield.org;object-src 'none';child-src 'self' https://www.sans.org;frame-src 'self' https://www.sans.org https://www.youtube.com https://challenges.cloudflare.com https://www.youtube-nocookie.com;connect-src 'self' https://isc.sans.edu https://www.dshield.org https://api.sans.org;worker-src 'none';frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org;form-action 'self';manifest-src 'self' https://isc.sans.edu https://feeds.dshield.org;report-uri https://isc.sans.edu/cspreport.html;upgrade-insecure-requests ;block-all-mixed-content
content-type: text/html; charset=UTF-8
date: Wed, 08 May 2024 06:52:11 GMT
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
expires: Thu, 19 Nov 1981 08:52:00 GMT
p3p: CP="NON DSP COR CURa ADMa DEVa HISa OUR SAMa DELa UNRa BUS"
permitted-cross-domain-policies: none
pragma: no-cache
randomness: ccf5152cbf37e2f6
referrer-policy: same-origin
server: nc -l -p 80
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-cdn: Imperva
x-content-type-options: nosniff
x-do-not-hack: 18 U.S.C. Parag 1030
x-frame-options: SAMEORIGIN SAMEORIGIN
x-heyjason: DEV522 rocks
x-iinfo: 9-4321515-4321526 nNYY RT(1715151131126 354) q(0 0 0 0) r(0 54) U12
x-isc-cdn: 6704cb8852
x-xss-protection: 1; mode=block

GET
H2 200 screen.css
isc.sans.edu/css/ 43 KB
9 KB 297ms
293ms Stylesheet
text/css 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/css/screen.css

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

23326310dbdd4beeb0b8ef0180b730d3e83e89a2cd00bb1119537a10f2b4a59f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
x-cdn: Imperva
x-iinfo: 9-4321515-4319915 3CNN RT(1715151131126 5895) q(0 0 0 -1) r(0 0) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 8817
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 09 Mar 2023 12:16:16 GMT
server: nc -l -p 80
etag: "aad7-5f6769c8cf1b8"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: text/css
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=85493, public
expires: Thu, 09 May 2024 06:37:10 GMT

GET
H2 200 msft.css
isc.sans.edu/css/ 424 B
429 B 154ms
151ms Stylesheet
text/css 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/css/msft.css

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

5b410c36f42c11a3a17c6bb0627f0d85b7c79b386b3e0d73cc568999020bebb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
x-cdn: Imperva
x-iinfo: 9-4321515-4321043 2CNN RT(1715151131126 5901) q(0 0 0 -1) r(0 0) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 194
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:45 GMT
server: nc -l -p 80
etag: "23d-5da69f08a9af6"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: text/css
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=79070, public
expires: Thu, 09 May 2024 04:50:07 GMT

GET
H2 200 fontawesome.css
isc.sans.edu/css/ 46 KB
10 KB 155ms
151ms Stylesheet
text/css 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/css/fontawesome.css

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

abb60753f5c30c99820f4bbef2e96f2789e20b8a63f39b1b9975185d8e02d627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
x-cdn: Imperva
x-iinfo: 9-4321515-4319585 2CNN RT(1715151131126 5905) q(0 0 0 -1) r(0 0) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 10216
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Nov 2022 14:46:12 GMT
server: nc -l -p 80
etag: "b75f-5ee103bc070e6"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: text/css
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=79070, public
expires: Thu, 09 May 2024 04:50:06 GMT

GET
H2 200 v3.css
isc.sans.edu/css/ 35 KB
9 KB 162ms
159ms Stylesheet
text/css 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/css/v3.css

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

b2533a8e832118cdbd21009a2f6d50f09f682f632de04ec1a314f3a4e1a3ec47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
x-cdn: Imperva
x-iinfo: 9-4321515-4320661 2CNN RT(1715151131126 5907) q(0 0 0 -1) r(0 0) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 9135
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 05 Feb 2023 13:58:18 GMT
server: nc -l -p 80
etag: "8bab-5f3f44e82f721"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: text/css
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=79070, public
expires: Thu, 09 May 2024 04:50:06 GMT

GET
H2 200 bootstrap-modal.min.css
isc.sans.edu/css/bootstrap-modal/ 5 KB
2 KB 311ms
309ms Stylesheet
text/css 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/css/bootstrap-modal/bootstrap-modal.min.css

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

f8e97c36779891ad251153beefb65310c9610d128bd05cb464865a248607ee1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
x-cdn: Imperva
x-iinfo: 9-4321515-4315540 3CNN RT(1715151131126 5910) q(0 0 0 -1) r(0 0) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 1535
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:45 GMT
server: nc -l -p 80
etag: "1329-5da69f0872446"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: text/css
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=85328, public
expires: Thu, 09 May 2024 06:34:25 GMT

GET
H2 200 jquery-3.7.0.min.js Show response
isc.sans.edu/js/ 85 KB
30 KB 171ms
169ms Script
application/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/js/jquery-3.7.0.min.js

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

cfbcbb1d8837f5a6d702618d25bf25d0dbb2971df59488b8400dfd902bdffc00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
x-cdn: Imperva
x-iinfo: 9-4321515-4320657 2CNN RT(1715151131126 5913) q(0 0 0 -1) r(0 0) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 30273
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 09 Jun 2023 00:46:16 GMT
server: nc -l -p 80
etag: "155a6-5fda7b250ccd8"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=79070, public
expires: Thu, 09 May 2024 04:50:06 GMT

GET
H2 200 count.js Show response
isc.sans.edu/js/ 886 B
658 B 253ms
251ms Script
application/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/js/count.js

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

522ace4616664c6f58c32821e9a0efd24dc2fdba0776727733cabc005773cff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
x-cdn: Imperva
x-iinfo: 9-4321515-4321043 2CNN RT(1715151131126 5916) q(0 0 0 -1) r(0 0) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 521
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:51 GMT
server: nc -l -p 80
etag: "436-5da69f0eb77b1"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=79070, public
expires: Thu, 09 May 2024 04:50:07 GMT

GET
H2 200 bootstrap.min.js Show response
isc.sans.edu/js/bootstrap-modal/ 6 KB
2 KB 392ms
390ms Script
application/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/js/bootstrap-modal/bootstrap.min.js

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

da5bb005bf56b2d66ce6e7de6e3df42cc7d8289aac6ad4d42cbc05457b5ae7f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
x-cdn: Imperva
x-iinfo: 9-4321515-4319909 3CNN RT(1715151131126 6016) q(0 0 0 -1) r(0 0) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 2047
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:51 GMT
server: nc -l -p 80
etag: "19c9-5da69f0eb3168"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=85493, public
expires: Thu, 09 May 2024 06:37:10 GMT

GET
H2 200 default.css
isc.sans.edu/css/codesnippet/lib/highlight/styles/ 2 KB
966 B 311ms
310ms Stylesheet
text/css 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/css/codesnippet/lib/highlight/styles/default.css

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

4395773d4b70c9994c9b6da812c003842ed00153e7e6f7b75973b8f21c87a02d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
x-cdn: Imperva
x-iinfo: 9-4321515-4319909 3CNN RT(1715151131126 5918) q(0 0 0 -1) r(0 0) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 805
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 29 Aug 2022 16:04:40 GMT
server: nc -l -p 80
etag: "a5b-5e7636bdbfb68"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: text/css
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=85493, public
expires: Thu, 09 May 2024 06:37:10 GMT

GET
H2 200 highlight.pack.js Show response
isc.sans.edu/css/codesnippet/lib/highlight/ 29 KB
12 KB 312ms
311ms Script
application/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/css/codesnippet/lib/highlight/highlight.pack.js

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

0826313b389703d7832daa4d6f3f385d11bb06b8bf17c0bbec6b0de358ed81ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
x-cdn: Imperva
x-iinfo: 9-4321515-4321043 2CNN RT(1715151131126 6020) q(0 0 0 -1) r(0 0) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 12274
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 29 Aug 2022 16:04:40 GMT
server: nc -l -p 80
etag: "7602-5e7636bdb47be"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=79070, public
expires: Thu, 09 May 2024 04:50:07 GMT

GET
H2 200 commentmanagement.js Show response
isc.sans.edu/js/ 706 B
434 B 390ms
389ms Script
application/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/js/commentmanagement.js

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

a843e40f27fdf2e31b7e5647fe00812c762dab1708a59c951471f3d8a1986f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
x-cdn: Imperva
x-iinfo: 9-4321515-4320657 2CNN RT(1715151131126 6022) q(0 0 0 -1) r(0 0) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 296
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 03 Oct 2023 17:35:23 GMT
server: nc -l -p 80
etag: "34e-606d350c9bb60"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=79070, public
expires: Thu, 09 May 2024 04:50:06 GMT

GET
H2 200 diarycount.js Show response
isc.sans.edu/js/ 527 B
692 B 404ms
403ms Script
application/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/js/diarycount.js?diary=30744

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

081f4aaf27b91cd59cc6aa711f41e44f0d75eb24abbdac074f6e9464a41c387c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:17 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-cdn: Imperva
x-iinfo: 9-4321515-4320661 3NYN RT(1715151131126 6023) q(0 0 0 -1) r(2 2) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:51 GMT
server: nc -l -p 80
etag: "20f-5da69f0ec69e9"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-do-not-hack: 18 U.S.C. Parag 1030
accept-ranges: bytes

GET
H2 200 24-03-14-chart.png
isc.sans.edu/diaryimages/images/ 14 KB
14 KB 269ms
269ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/24-03-14-chart.png

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

b28a13d64e78a8bd4d7869a3860bd8c4d8bceb7d6f735997a05712896d24c488

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:17 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 9-4321515-4315540 3CNN RT(1715151131126 6024) q(0 0 0 -1) r(1 1) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 14061
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 14 Mar 2024 08:37:53 GMT
server: nc -l -p 80
etag: "6d7f-6139acea4f62d"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=85820, public
expires: Thu, 09 May 2024 06:42:37 GMT

GET
H2 200 24-03-14-example.png
isc.sans.edu/diaryimages/images/ 82 KB
83 KB 270ms
270ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/24-03-14-example.png

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

55d55f82d0c016e41a010f17731c590ba3431935e0a500c6eac587636dcc5358

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:17 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 9-4321515-4319915 3CNN RT(1715151131126 6026) q(0 0 0 -1) r(1 1) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 84394
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 14 Mar 2024 08:38:33 GMT
server: nc -l -p 80
etag: "171ae-6139ad1075c13"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=85820, public
expires: Thu, 09 May 2024 06:42:37 GMT

GET
H2 200 adimg.html
isc.sans.edu/ 6 B
134 B 181ms
180ms Image
text/html 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/adimg.html?id=

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:17 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: gzip
x-cdn: Imperva
x-iinfo: 9-4321515-4321613 nNYY RT(1715151131126 6294) q(0 0 0 -1) r(0 0) U12
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
server: nc -l -p 80
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
x-do-not-hack: 18 U.S.C. Parag 1030

GET
H2 200 cc.png
isc.sans.edu/images/ 434 B
611 B 145ms
144ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/images/cc.png

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

2e9cc87129db6f454cd3d8f3c92fd5b74341db967dc7a3fda2929d5a90827c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:16 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 9-4321515-4320661 2CNN RT(1715151131126 6306) q(0 0 0 -1) r(0 0) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 434
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:46 GMT
server: nc -l -p 80
etag: "1cd-5da69f09c178b"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=79077, public
expires: Thu, 09 May 2024 04:50:13 GMT

GET
H2 200 main.js Show response
isc.sans.edu/js/ 2 KB
1 KB 157ms
156ms Script
application/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/js/main.js

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

3e424144af3ce136a83619fbc03d907b75ecb223a8149605ed2f16c2b70cddb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
x-cdn: Imperva
x-iinfo: 9-4321515-4321043 2CNN RT(1715151131126 6309) q(0 0 0 -1) r(0 0) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 1058
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:56 GMT
server: nc -l -p 80
etag: "d10-5da69f12e54cc"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=79071, public
expires: Thu, 09 May 2024 04:50:08 GMT

GET
H2 200 menu.js Show response
isc.sans.edu/js/ 617 B
449 B 157ms
157ms Script
application/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/js/menu.js

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

b565f7dab07d866493477cf4d92c74d6ead408528ef551975fad939cb38d7529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains
x-cdn: Imperva
x-iinfo: 9-4321515-4320657 2CNN RT(1715151131126 6310) q(0 0 0 -1) r(0 0) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 248
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 08 Jul 2022 20:12:59 GMT
server: nc -l -p 80
etag: "2c4-5e350d41b8c3a"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=79070, public
expires: Thu, 09 May 2024 04:50:06 GMT

GET
H2 200 _Incapsula_Resource Show response
isc.sans.edu/ 151 KB
21 KB 156ms
155ms Script
application/javascript 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1593087508

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

b78d8d97fb470369c64367d5c812c595778d732b990073bc2521eb06b8daf9d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
server: nc -l -p 80
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: no-cache, no-store
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
x-robots-tag: noindex
content-length: 21736
x-xss-protection: 1; mode=block

GET
H2 200 count Show response
isc.sans.edu/api/ 15 B
1 KB 5239ms
5238ms Fetch
text/json 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/api/count?json&r=0.1309536531061528&count=30bc9cb8-2213-413e-916f-1f44ee8f382d&width=1600

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/js/count.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src https://isc.sans.edu https://snap.licdn.com https://www.youtube.com https://challenges.cloudflare.com 'self' 'unsafe-inline' unsafe-eval;style-src 'self' 'unsafe-inline';img-src 'self' https://isc.sans.edu data:;font-src 'self' data: https://fonts.gstatic.com;media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com https://chrt.fm/ https://www.dshield.org;object-src 'none';child-src 'self' https://www.sans.org;frame-src 'self' https://www.sans.org https://www.youtube.com https://challenges.cloudflare.com https://www.youtube-nocookie.com;connect-src 'self' https://isc.sans.edu https://www.dshield.org https://api.sans.org;worker-src 'none';frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org;form-action 'self';manifest-src 'self' https://isc.sans.edu https://feeds.dshield.org;report-uri https://isc.sans.edu/cspreport.html;upgrade-insecure-requests ;block-all-mixed-content
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:17 GMT
content-security-policy: default-src 'self';script-src https://isc.sans.edu https://snap.licdn.com https://www.youtube.com https://challenges.cloudflare.com 'self' 'unsafe-inline' unsafe-eval;style-src 'self' 'unsafe-inline';img-src 'self' https://isc.sans.edu data:;font-src 'self' data: https://fonts.gstatic.com;media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com https://chrt.fm/ https://www.dshield.org;object-src 'none';child-src 'self' https://www.sans.org;frame-src 'self' https://www.sans.org https://www.youtube.com https://challenges.cloudflare.com https://www.youtube-nocookie.com;connect-src 'self' https://isc.sans.edu https://www.dshield.org https://api.sans.org;worker-src 'none';frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org;form-action 'self';manifest-src 'self' https://isc.sans.edu https://feeds.dshield.org;report-uri https://isc.sans.edu/cspreport.html;upgrade-insecure-requests ;block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-encoding: gzip
x-cdn: Imperva
randomness: 276f5888ffad
x-iinfo: 9-4321515-4321526 pNYy RT(1715151131126 6275) q(0 0 0 -1) r(50 50) U2
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
x-xss-protection: 1; mode=block
pragma: no-cache
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Wed, 08 May 2024 06:42:22 +0000
server: nc -l -p 80
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/json;charset=UTF-8
access-control-allow-origin: *
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: s-maxage=600
expires: Wed, 08 May 2024 07:02:22 +0000

GET
H2 200 fullscreen.png
isc.sans.edu/images/ 304 B
465 B 153ms
150ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/images/fullscreen.png

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/css/screen.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

7852fd09fb0977b2943e8206ca24bcc38b14321f78da75d98ef61a46130d9250

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/css/screen.css
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:17 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 9-4321515-4307740 2CNN RT(1715151131126 6328) q(0 0 0 -1) r(0 0) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 304
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:49 GMT
server: nc -l -p 80
etag: "15a-5da69f0c11048"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=79077, public
expires: Thu, 09 May 2024 04:50:14 GMT

GET
H2 200 facebook.ico
isc.sans.edu/images/icons/ 1 KB
1 KB 201ms
199ms Image
image/vnd.microsoft.icon 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/images/icons/facebook.ico

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/css/screen.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

5678ee6a1f605d6ada6230003a8d9c182869e1f40d02d414b368cc820c9a97b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/css/screen.css
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:17 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 9-4321515-4321620 nNNY RT(1715151131126 6333) q(0 0 0 -1) r(0 1) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 1150
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:49 GMT
server: nc -l -p 80
etag: "47e-5da69f0c27f7c"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/vnd.microsoft.icon
x-do-not-hack: 18 U.S.C. Parag 1030
accept-ranges: bytes

GET
H2 200 twitter.ico
isc.sans.edu/images/icons/ 6 KB
7 KB 201ms
199ms Image
image/vnd.microsoft.icon 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/images/icons/twitter.ico

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/css/screen.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

15e2a6aec006e029bcccaf870ab8606a4c03a7ff3df90239ff5cd889ca585a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/css/screen.css
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:17 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 9-4321515-4321613 pNNy RT(1715151131126 6336) q(0 0 0 -1) r(1 1) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 6518
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:49 GMT
server: nc -l -p 80
etag: "1976-5da69f0c371a8"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/vnd.microsoft.icon
x-do-not-hack: 18 U.S.C. Parag 1030
accept-ranges: bytes

GET
H2 200 poppins-regular.ttf
isc.sans.edu/webfonts/ 16 KB
16 KB 180ms
177ms Font
application/font-sfnt 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/webfonts/poppins-regular.ttf

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/css/v3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

66807e8e108c648c970aeace0886706f8c95c616f036529a4b628525208f18e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/css/v3.css
Origin: https://isc.sans.edu
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:18 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 9-4321515-4321613 pNNy RT(1715151131126 6451) q(0 0 0 -1) r(1 1) U12
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 16148
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Fri, 08 Jul 2022 20:12:59 GMT
server: nc -l -p 80
etag: "3f14-5e350d41e7a2f"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: application/font-sfnt
x-do-not-hack: 18 U.S.C. Parag 1030
x-incap-sess-cookie-hdr: q727JbO1qWrByKcQYmM2DCEhO2YAAAAAt3e/W2FOFpLNJ+DzjFXM8A==
accept-ranges: bytes

GET
H2 200 open-sans-700.ttf
isc.sans.edu/webfonts/ 31 KB
31 KB 181ms
178ms Font
application/font-sfnt 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/webfonts/open-sans-700.ttf

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/css/v3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

68151e32200f64f60f412bbc3ccde917a5fadb2f1a464cf7b3b77fd7675e6afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/css/v3.css
Origin: https://isc.sans.edu
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:18 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 9-4321515-4321620 pNNy RT(1715151131126 6454) q(0 0 0 -1) r(1 1) U12
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 31420
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Fri, 08 Jul 2022 20:12:59 GMT
server: nc -l -p 80
etag: "7abc-5e350d41e4768"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: application/font-sfnt
x-do-not-hack: 18 U.S.C. Parag 1030
x-incap-sess-cookie-hdr: jNAzJasOFxPByKcQYmM2DCEhO2YAAAAA9Cp4wMWAKW4xKBdNjHpaaw==
accept-ranges: bytes

GET
H2 200 open-sans-regular.ttf
isc.sans.edu/webfonts/ 31 KB
31 KB 181ms
179ms Font
application/font-sfnt 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/webfonts/open-sans-regular.ttf

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/css/v3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

18b7e49a6696c5a278ac77eb98149048d0819df63ac265a2cf3abb26914d57c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/css/v3.css
Origin: https://isc.sans.edu
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:18 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 9-4321515-4321625 nNNY RT(1715151131126 6456) q(0 0 0 -1) r(0 1) U12
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 31380
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Fri, 08 Jul 2022 20:12:59 GMT
server: nc -l -p 80
etag: "7a94-5e350d41e5ed7"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: application/font-sfnt
x-do-not-hack: 18 U.S.C. Parag 1030
x-incap-sess-cookie-hdr: kOWuWLTMkWnByKcQYmM2DCEhO2YAAAAAgtk5+3Z2UpRiSQurwun0PQ==
accept-ranges: bytes

GET count
isc.sans.edu/api/ 0
0

GET
H2 200 folder.png
isc.sans.edu/images/ 537 B
693 B 197ms
195ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/images/folder.png

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/css/screen.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

d049b83cadc5ae55a1639837a7653db1def729761f1913ee5dc4e4eb47fbd2a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/css/screen.css
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:17 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 9-4321515-4319915 3CNN RT(1715151131126 6523) q(0 0 0 -1) r(1 1) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 537
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:49 GMT
server: nc -l -p 80
etag: "219-5da69f0c06080"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=85329, public
expires: Thu, 09 May 2024 06:34:26 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10b325a392531c8e79d4ccaddebcd159fd21ceb66bbb05748a97f16bc4166fa5

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 719 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc9ae7d497329a5eca73e21429b751949aad15855cd77d1b29f9224b0857eddf

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 506 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b927ed2eff7fca9c6f9224dd8cda6ae9194dd66321cb09474b079fff8caeef60

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 socialIconsFoot.png
isc.sans.edu/img/ 9 KB
9 KB 146ms
145ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/img/socialIconsFoot.png

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/css/screen.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

0d5bce91d4a3417998ddf66e306608adaf1ad5c9d8dfadfba2a34798e18ecae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/css/screen.css
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:17 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 9-4321515-4320657 2CNN RT(1715151131126 6537) q(0 0 0 -1) r(0 0) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 9083
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 05 Nov 2022 02:07:38 GMT
server: nc -l -p 80
etag: "31f1-5ecafa78d1a71"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=79077, public
expires: Thu, 09 May 2024 04:50:14 GMT

GET
DATA 200
OK truncated
/ 778 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f335fe583fdad5c70b6c71499a736ce7de3e5d40a496ef092cef2e0e331538e

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 clear-sans-medium.ttf
isc.sans.edu/webfonts/ 306 KB
308 KB 177ms
176ms Font
application/font-sfnt 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/webfonts/clear-sans-medium.ttf

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/css/v3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

93677acbadea77e254b491589812f1e218a97adcd10a4957622b8c7a86e14181

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/css/v3.css
Origin: https://isc.sans.edu
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:18 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 9-4321515-4321625 pNNy RT(1715151131126 6636) q(0 0 0 -1) r(0 0) U12
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 313308
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Fri, 08 Jul 2022 20:12:59 GMT
server: nc -l -p 80
etag: "4c7dc-5e350d41e10bb"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: application/font-sfnt
x-do-not-hack: 18 U.S.C. Parag 1030
x-incap-sess-cookie-hdr: jmPYPg4Xt3TByKcQYmM2DCEhO2YAAAAAeewHzV+8xxsJJZsXTYt4zA==
accept-ranges: bytes

POST
H2 200 cspreport.html
isc.sans.edu/ 0
132 B 513ms
513ms Other
text/html 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/cspreport.html

Requested by

Host: isc.sans.edu
URL: https://isc.sans.edu/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1593087508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 08 May 2024 06:52:18 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 9-4321515-4321620 pNNy RT(1715151131126 6706) q(0 0 0 -1) r(0 0) U6
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 0
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
server: nc -l -p 80
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
x-do-not-hack: 18 U.S.C. Parag 1030
x-incap-sess-cookie-hdr: Z0DPYIJmYSfByKcQYmM2DCEhO2YAAAAASHhvnRSubROvDI2gMW6Daw==

GET
H2 200 iscfavicon.ico
isc.sans.edu/ 338 B
475 B 174ms
174ms Other
image/vnd.microsoft.icon 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/iscfavicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

240f37af3b36c8382974308019953c3d7dd66784f10a3ec426f46fc9f7aadd09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:18 GMT
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 9-4321515-4321620 pNNy RT(1715151131126 7321) q(0 0 0 -1) r(0 0) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 338
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Fri, 08 Jul 2022 20:12:58 GMT
server: nc -l -p 80
etag: "152-5e350d41b3e14"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/vnd.microsoft.icon
x-do-not-hack: 18 U.S.C. Parag 1030
accept-ranges: bytes

GET
H2 200 favicon-32x32.png
isc.sans.edu/ 338 B
496 B 138ms
137ms Other
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://isc.sans.edu/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

240f37af3b36c8382974308019953c3d7dd66784f10a3ec426f46fc9f7aadd09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:52:18 GMT
strict-transport-security: max-age=31556926; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 9-4321515-4320657 2CNN RT(1715151131126 7502) q(0 0 0 -1) r(0 0) U18
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 338
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 08 Jul 2022 20:12:58 GMT
server: nc -l -p 80
etag: "152-5e350d41a5b89"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
x-frame-options: SAMEORIGIN
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=79076, public
expires: Thu, 09 May 2024 04:50:14 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: isc.sans.edu
URL: https://isc.sans.edu/api/count?json&r=0.1489964513567268&count=30bc9cb8-2213-413e-916f-1f44ee8f382d&diary=0

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
isc.sans.edu/	1969-12-31 23:59:59	Name: __Secure-dshield Value: 1chboha0t9at2okc3lf8lfmpp6
isc.sans.edu/	1969-12-31 23:59:59	Name: sessionhash Value: 61f47ac4a0450b7de281a345cf2e742f1731a1c2f01d9b5874e7e2390339d0cc
.sans.edu/	1969-12-31 23:59:59	Name: nlbi_2188750 Value: cJU3SMlpfhmTN47/ac18PgAAAABZd+usSqc6J1I7/WN54gTq
.sans.edu/	1970-01-21 05:10:04	Name: visid_incap_2188750 Value: rwwqlq26RD+1unyA2ZpK/xshO2YAAAAAQUIPAAAAAAA2cgFuMSmxad4iOI6hE/AH
.sans.edu/	1969-12-31 23:59:59	Name: incap_ses_880_2188750 Value: pTYhCytAOEvByKcQYmM2DCAhO2YAAAAACOT4tts5tunbNlobBQy2Ng==
isc.sans.edu/	1970-01-21 05:11:27	Name: count Value: 30bc9cb8-2213-413e-916f-1f44ee8f382d

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self';script-src https://isc.sans.edu https://snap.licdn.com https://www.youtube.com https://challenges.cloudflare.com 'self' 'unsafe-inline' unsafe-eval;style-src 'self' 'unsafe-inline';img-src 'self' https://isc.sans.edu data:;font-src 'self' data: https://fonts.gstatic.com;media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com https://chrt.fm/ https://www.dshield.org;object-src 'none';child-src 'self' https://www.sans.org;frame-src 'self' https://www.sans.org https://www.youtube.com https://challenges.cloudflare.com https://www.youtube-nocookie.com;connect-src 'self' https://isc.sans.edu https://www.dshield.org https://api.sans.org;worker-src 'none';frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org;form-action 'self';manifest-src 'self' https://isc.sans.edu https://feeds.dshield.org;report-uri https://isc.sans.edu/cspreport.html;upgrade-insecure-requests ;block-all-mixed-content
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

isc.sans.edu
isc.sans.edu
45.60.31.34
081f4aaf27b91cd59cc6aa711f41e44f0d75eb24abbdac074f6e9464a41c387c
0826313b389703d7832daa4d6f3f385d11bb06b8bf17c0bbec6b0de358ed81ae
0d5bce91d4a3417998ddf66e306608adaf1ad5c9d8dfadfba2a34798e18ecae5
10b325a392531c8e79d4ccaddebcd159fd21ceb66bbb05748a97f16bc4166fa5
15e2a6aec006e029bcccaf870ab8606a4c03a7ff3df90239ff5cd889ca585a39
18b7e49a6696c5a278ac77eb98149048d0819df63ac265a2cf3abb26914d57c3
23326310dbdd4beeb0b8ef0180b730d3e83e89a2cd00bb1119537a10f2b4a59f
240f37af3b36c8382974308019953c3d7dd66784f10a3ec426f46fc9f7aadd09
2e9cc87129db6f454cd3d8f3c92fd5b74341db967dc7a3fda2929d5a90827c79
3e424144af3ce136a83619fbc03d907b75ecb223a8149605ed2f16c2b70cddb2
4395773d4b70c9994c9b6da812c003842ed00153e7e6f7b75973b8f21c87a02d
522ace4616664c6f58c32821e9a0efd24dc2fdba0776727733cabc005773cff2
55d55f82d0c016e41a010f17731c590ba3431935e0a500c6eac587636dcc5358
5678ee6a1f605d6ada6230003a8d9c182869e1f40d02d414b368cc820c9a97b8
5b410c36f42c11a3a17c6bb0627f0d85b7c79b386b3e0d73cc568999020bebb2
5f335fe583fdad5c70b6c71499a736ce7de3e5d40a496ef092cef2e0e331538e
66807e8e108c648c970aeace0886706f8c95c616f036529a4b628525208f18e8
68151e32200f64f60f412bbc3ccde917a5fadb2f1a464cf7b3b77fd7675e6afc
7852fd09fb0977b2943e8206ca24bcc38b14321f78da75d98ef61a46130d9250
93677acbadea77e254b491589812f1e218a97adcd10a4957622b8c7a86e14181
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a843e40f27fdf2e31b7e5647fe00812c762dab1708a59c951471f3d8a1986f92
abb60753f5c30c99820f4bbef2e96f2789e20b8a63f39b1b9975185d8e02d627
b2533a8e832118cdbd21009a2f6d50f09f682f632de04ec1a314f3a4e1a3ec47
b28a13d64e78a8bd4d7869a3860bd8c4d8bceb7d6f735997a05712896d24c488
b565f7dab07d866493477cf4d92c74d6ead408528ef551975fad939cb38d7529
b78d8d97fb470369c64367d5c812c595778d732b990073bc2521eb06b8daf9d5
b927ed2eff7fca9c6f9224dd8cda6ae9194dd66321cb09474b079fff8caeef60
cc9ae7d497329a5eca73e21429b751949aad15855cd77d1b29f9224b0857eddf
cfbcbb1d8837f5a6d702618d25bf25d0dbb2971df59488b8400dfd902bdffc00
d049b83cadc5ae55a1639837a7653db1def729761f1913ee5dc4e4eb47fbd2a6
d9c49541262a54f412d4e157926c62a4c413a02a02f4fc38768cd20d1cb1885f
da5bb005bf56b2d66ce6e7de6e3df42cc7d8289aac6ad4d42cbc05457b5ae7f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8e97c36779891ad251153beefb65310c9610d128bd05cb464865a248607ee1c

isc.sans.edu Open in urlscan Pro 45.60.31.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

34 Requests

97 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

619 kBTransfer

948 kBSize

6 Cookies

18 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

isc.sans.edu Open in urlscan Pro
45.60.31.34 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

97 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

619 kB
Transfer

948 kB
Size

6
Cookies

34 HTTP transactions
4 data transactions