www.sans.org Open in urlscan Pro
45.60.33.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.email.sans.org/?qs=0c51253b32d200970f71129463dc41455d3f71f9e74230f242b8ce6a28e443777cad8883ed4afda20186c410e164...
Effective URL:
https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect
Submission Tags: falconsandbox
Submission: On February 22 via api (February 22nd 2021, 2:25:16 pm UTC) from US

Summary HTTP 53 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 11 domains to perform 53 HTTP transactions. The main IP is 45.60.33.34, located in United States and belongs to INCAPSULA, US. The main domain is www.sans.org.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2020 on September 16th 2020. Valid for: 6 months.

This is the only time www.sans.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	136.147.189.155 136.147.189.155	22606 (EXACT-7) (EXACT-7)
3 24	45.60.33.34 45.60.33.34	19551 (INCAPSULA) (INCAPSULA)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	65.9.96.97 65.9.96.97	16509 (AMAZON-02) (AMAZON-02)
4	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
2	65.9.20.40 65.9.20.40	16509 (AMAZON-02) (AMAZON-02)
2	65.9.20.68 65.9.20.68	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	52.166.11.26 52.166.11.26	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
53	15

1 136.147.189.155 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.email.sans.org

click.email.sans.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 45.60.33.34 (United States) 3 redirects

ASN19551 (INCAPSULA, US)

www.sans.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.96.97 (United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

images.contentstack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.20.40 (Orlando, United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.20.68 (Orlando, United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.166.11.26 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

addsearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.209.240 (United States)

ASN13335 (CLOUDFLARENET, US)

zn5mzsmkpycxwsqpf-sans.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	sans.org 4 redirects click.email.sans.org www.sans.org	4 MB
6	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	125 KB
5	google.com www.google.com	17 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	374 KB
5	google-analytics.com www.google-analytics.com	115 KB
4	contentstack.io images.contentstack.io	466 KB
2	addsearch.com addsearch.com	15 KB
2	googletagmanager.com www.googletagmanager.com	81 KB
1	qualtrics.com zn5mzsmkpycxwsqpf-sans.siteintercept.qualtrics.com	18 KB
1	google.de www.google.de	107 B
1	doubleclick.net stats.g.doubleclick.net	86 B
53	11

	Domain	Requested by
24	www.sans.org	3 redirects www.sans.org www.google-analytics.com
5	www.google.com	www.sans.org www.gstatic.com www.google.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.sans.org
4	images.contentstack.io	www.sans.org
3	www.gstatic.com	www.google.com
2	addsearch.com	www.sans.org addsearch.com
2	fonts.gstatic.com	www.sans.org
2	vars.hotjar.com	static.hotjar.com
2	script.hotjar.com	static.hotjar.com
2	static.hotjar.com	www.sans.org
2	www.googletagmanager.com	www.sans.org
1	zn5mzsmkpycxwsqpf-sans.siteintercept.qualtrics.com	www.sans.org
1	www.google.de	www.sans.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	click.email.sans.org	1 redirects
53	15

This site contains links to these domains. Also see Links.

Domain
www.sans.edu
digital-forensics.sans.org
ics.sans.org
www.giac.org
isc.sans.edu
twitter.com
www.facebook.com
www.youtube.com
www.linkedin.com
www.addsearch.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2020	`2020-09-16` - `2021-03-17`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
h3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-02-17` - `2021-04-20`	2 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.addsearch.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-08-05` - `2021-09-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.qualtrics.com DigiCert SHA2 Secure Server CA	`2020-10-26` - `2021-11-26`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect
Frame ID: 59FF5AADA563FCABC89A8BB9F5ACC0DD
Requests: 57 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: DD708E6FAC739F1AD6C498C7BEDD7D01
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: E08AE479B35EC5920B6D92FCFF87AAD5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRaE8aAAAAAOB9CLy-hHWeafmpvmYkeMpCXrWO&co=aHR0cHM6Ly93d3cuc2Fucy5vcmc6NDQz&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=5nzjdl5e3fj3
Frame ID: CFC98F6BE312B8F280772FF16710A3E4
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://click.email.sans.org/?qs=0c51253b32d200970f71129463dc41455d3f71f9e74230f242b8ce6a28e443777cad8883... HTTP 302
https://www.sans.org/ondemand/specials?utm_medium=Email&utm_source=HL-NA&utm_content=686095+GIAC+... HTTP 301
https://www.sans.org/specials/north-america?utm_medium=Email&utm_source=HL-NA&utm_content=686095+... HTTP 302
https://www.sans.org/latest/specials/north-america/ HTTP 302
https://www.sans.org/specials/north-america/ Page URL
https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

53
Requests

100 %
HTTPS

47 %
IPv6

11
Domains

15
Subdomains

15
IPs

4
Countries

4973 kB
Transfer

17903 kB
Size

13
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sans.edu/?msc=main-nav
Title: College Degrees & Certificates

Search URL Search Domain Scan URL

URL: https://digital-forensics.sans.org/?msc=main-nav
Title: Digital Forensics & Incident Response

Search URL Search Domain Scan URL

URL: https://ics.sans.org/?msc=main-nav
Title: Industrial Control Systems

Search URL Search Domain Scan URL

URL: https://www.giac.org/?msc=utility-nav
Title: GIAC Security Certifications

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/?msc=utility-nav
Title: Internet Storm Center

Search URL Search Domain Scan URL

URL: https://www.sans.edu/?msc=utility-nav
Title: SANS Technology Institute

Search URL Search Domain Scan URL

URL: https://www.giac.org/certifications/?msc=footer-secondary-nav
Title: Certifications

Search URL Search Domain Scan URL

URL: https://www.sans.edu/?msc=footer-secondary-nav
Title: Degree Programs

Search URL Search Domain Scan URL

URL: https://digital-forensics.sans.org/?msc=footer-secondary-nav
Title: Digital Forensics

Search URL Search Domain Scan URL

URL: https://ics.sans.org/?msc=footer-secondary-nav
Title: Industrial Control Systems

Search URL Search Domain Scan URL

URL: https://twitter.com/sansinstitute
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sansinstitute
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TheSANSInstitute
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/14104
Title: LinkedIn

Search URL Search Domain Scan URL

URL: http://www.addsearch.com/?utm_source=customer&utm_medium=referer&utm_campaign=customer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.email.sans.org/?qs=0c51253b32d200970f71129463dc41455d3f71f9e74230f242b8ce6a28e443777cad8883ed4afda20186c410e1649b8831e686bdb7690460 HTTP 302
https://www.sans.org/ondemand/specials?utm_medium=Email&utm_source=HL-NA&utm_content=686095+GIAC+OLT+Joint+Email+07132020+Train+Now+Button&utm_campaign=GIAC HTTP 301
https://www.sans.org/specials/north-america?utm_medium=Email&utm_source=HL-NA&utm_content=686095+GIAC+OLT+Joint+Email+07132020+Train+Now+Button&utm_campaign=GIAC HTTP 302
https://www.sans.org/latest/specials/north-america/ HTTP 302
https://www.sans.org/specials/north-america/ Page URL
https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://click.email.sans.org/?qs=0c51253b32d200970f71129463dc41455d3f71f9e74230f242b8ce6a28e443777cad8883ed4afda20186c410e1649b8831e686bdb7690460 HTTP 302
https://www.sans.org/ondemand/specials?utm_medium=Email&utm_source=HL-NA&utm_content=686095+GIAC+OLT+Joint+Email+07132020+Train+Now+Button&utm_campaign=GIAC HTTP 301
https://www.sans.org/specials/north-america?utm_medium=Email&utm_source=HL-NA&utm_content=686095+GIAC+OLT+Joint+Email+07132020+Train+Now+Button&utm_campaign=GIAC HTTP 302
https://www.sans.org/latest/specials/north-america/ HTTP 302
https://www.sans.org/specials/north-america/

53 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
www.sans.org/specials/north-america/
Redirect Chain

https://click.email.sans.org/?qs=0c51253b32d200970f71129463dc41455d3f71f9e74230f242b8ce6a28e443777cad8883ed4afda20186c410e1649b8831e686bdb7690460
https://www.sans.org/ondemand/specials?utm_medium=Email&utm_source=HL-NA&utm_content=686095+GIAC+OLT+Joint+Email+07132020+Train+Now+Button&utm_campaign=GIAC
https://www.sans.org/specials/north-america?utm_medium=Email&utm_source=HL-NA&utm_content=686095+GIAC+OLT+Joint+Email+07132020+Train+Now+Button&utm_campaign=GIAC
https://www.sans.org/latest/specials/north-america/
https://www.sans.org/specials/north-america/

103 KB
17 KB

172ms
172ms

Document
text/html

45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/specials/north-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.sans.org
:scheme: https
:path: /specials/north-america/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: visid_incap_1329355=iE4upUXGSyWFFoAso6WLlbi+M2AAAAAAQUIPAAAAAABEoQgTYx/ZqxCMZ0YHrjGN; nlbi_1329355=pU0PcDyomFvrCsTDHZRHYgAAAACH7cbHDZLq3jvx33FQ/eYE; incap_ses_697_1329355=LdRGJw/hSDJ/I4AnEj6sCbi+M2AAAAAAP7k3aWmcQX5+Wy/2ElhM/Q==; nlbi_1329355_2277483=m7mYUPWV3WLtbmJ3HZRHYgAAAAAA4w1A9GS5f+R4tRJHosZi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html
date: Mon, 22 Feb 2021 14:24:58 GMT
cache-control: max-age=30
last-modified: Mon, 22 Feb 2021 13:59:25 GMT
etag: W/"053ef594567ba39c1582431ca049688f"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 9nSZqCoOi8SiZSH4BR5506kfar_TppK9RwoV8rn8ABWNT1wffNlyZQ==
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-iinfo: 3-2539072-2539068 PNNN RT(1614003896780 0) q(0 0 0 -1) r(2 2) U18

Redirect headers

location: https://www.sans.org/specials/north-america/
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 39244d9.js
www.sans.org/_nuxt/ 2 KB
1 KB 241ms
239ms Script
application/javascript 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/_nuxt/39244d9.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/north-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sans.org/specials/north-america/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 3-2539073-2538293 2VNN RT(1614003896956 0) q(0 0 0 -1) r(2 2)
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1192
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Feb 2021 15:11:03 GMT
x-frame-options: SAMEORIGIN
etag: W/"b9bb68ab883aaef5846c9c36b804892d"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30, public
expires: Mon, 22 Feb 2021 14:25:27 GMT

GET
H2 200 ee6b422.js
www.sans.org/_nuxt/ 186 KB
64 KB 232ms
229ms Script
application/javascript 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/_nuxt/ee6b422.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/north-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sans.org/specials/north-america/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 3-2539076-2538440 2VNN RT(1614003896959 0) q(0 0 0 -1) r(2 2)
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 64900
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Feb 2021 15:11:03 GMT
x-frame-options: SAMEORIGIN
etag: W/"2e1d04ed02e86ca7141ddea1fb891b8c"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30, public
expires: Mon, 22 Feb 2021 14:25:27 GMT

GET
H2 200 app.23be010.css
www.sans.org/_nuxt/vendors/ 2 MB
176 KB 166ms
164ms Stylesheet
text/css 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/_nuxt/vendors/app.23be010.css

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/north-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sans.org/specials/north-america/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 3-2539074-2538429 2VNN RT(1614003896958 0) q(0 0 0 -1) r(1 1)
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 180273
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Feb 2021 15:11:03 GMT
x-frame-options: SAMEORIGIN
etag: W/"ae6ad4b6009d11c76e4a2c1b21387d16"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=30, public
expires: Mon, 22 Feb 2021 14:25:27 GMT

GET
H2 200 3a6640c.js
www.sans.org/_nuxt/ 5 MB
1 MB 258ms
256ms Script
application/javascript 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/_nuxt/3a6640c.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/north-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sans.org/specials/north-america/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 3-2539077-2539078 2VNN RT(1614003896960 0) q(0 0 0 -1) r(0 2)
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1327645
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Feb 2021 15:11:03 GMT
x-frame-options: SAMEORIGIN
etag: W/"4a9e2a69f37021e250452d252e3768c0"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30, public
expires: Mon, 22 Feb 2021 14:25:27 GMT

GET
H2 200 app.291a06d.css
www.sans.org/_nuxt/ 942 B
563 B 328ms
327ms Stylesheet
text/css 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/_nuxt/app.291a06d.css

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/north-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sans.org/specials/north-america/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 3-2539075-2538435 2VNN RT(1614003896958 0) q(0 0 0 -1) r(3 3)
content-length: 446
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Feb 2021 15:11:03 GMT
x-frame-options: SAMEORIGIN
etag: "6718fd95b8a6948c4adb7a1ace54cde5"
expect-ct: max-age=86400, enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=30, public
expires: Mon, 22 Feb 2021 14:25:27 GMT

GET
H2 200 42de594.js
www.sans.org/_nuxt/ 76 KB
21 KB 318ms
316ms Script
application/javascript 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/_nuxt/42de594.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/north-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sans.org/specials/north-america/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-amz-cf-pop: ZRH50-C1
x-cache: RefreshHit from cloudfront
x-iinfo: 3-2539079-2538429 2NNN RT(1614003896961 0) q(0 1 1 -1) r(3 3) U18
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 22 Feb 2021 13:59:24 GMT
x-frame-options: SAMEORIGIN
etag: W/"eb9b1a5d58a4a16f0c01400b14ad364b"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
cache-control: max-age=30
x-amz-cf-id: w60tj9WvCFKJ9C0kJu2l_dGjmkmHwkW08n1K56-DBscaYSark95oSw==

GET
H2 200 a36c7d1.js
www.sans.org/_nuxt/ 41 KB
11 KB 405ms
403ms Script
application/javascript 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/_nuxt/a36c7d1.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/north-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sans.org/specials/north-america/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 3-2539080-2538463 2VNN RT(1614003896961 0) q(0 2 2 -1) r(4 4)
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 11028
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Feb 2021 15:11:03 GMT
x-frame-options: SAMEORIGIN
etag: W/"f29352fd422d5b3161da85f0e8e90e9f"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30, public
expires: Mon, 22 Feb 2021 14:25:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 119 KB
40 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5T9DW3B

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/north-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

51da18f611aec3ff9946c4802c54fbeed93b1e12e50c67aa8c1372175f84734f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41316
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Feb 2021 14:24:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T9DW3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2025
date: Mon, 22 Feb 2021 13:51:12 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Mon, 22 Feb 2021 15:51:12 GMT

GET
H2 200 hotjar-609302.js
static.hotjar.com/c/ 5 KB
2 KB 164ms
64ms Script
application/javascript 65.9.96.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-609302.js?sv=6

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/north-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:00 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 58
etag: W/cf834b16b5b6b1c057d978f4962fef78
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: PRG50-C1
content-length: 1899
via: 1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
x-amz-cf-id: NdBlUn9c6bgDopVFJMtTaSXFeiHQqMm1_jDrIlZyzKiqhEJu6QWfvQ==

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 111 KB
39 KB 71ms
57ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-K3LZ9HB&t=gtm2&cid=840786996.1614003898

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ff0ca431a8ed72eebd9ba2ab2b5d8dec0e39b24df3c0108a29ad684caafd5ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:58 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39541
x-xss-protection: 0
expires: Mon, 22 Feb 2021 14:24:58 GMT

GET
H2 200 solid-blue-header.png
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt9aaf6bdd1b135e96/5f6bb9b1b038186a244baaa7/ 122 KB
122 KB 91ms
30ms Image
image/png 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt9aaf6bdd1b135e96/5f6bb9b1b038186a244baaa7/solid-blue-header.png
Requested by: Host: www.sans.org
URL: https://www.sans.org/specials/north-america/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:58 GMT
via: 1.1 varnish, 1.1 varnish
age: 317540
x-cache: HIT, HIT
fastly-io-info: ifsz=358039 idim=2000x280 ifmt=png ofsz=124469 odim=2000x280 ofmt=png
content-disposition: inline; filename=solid-blue-header.png
fastly-stats: io=1
content-length: 124469
x-served-by: cache-sjc10036-SJC, cache-hhn4083-HHN
x-runtime: 88ms
x-timer: S1614003898.097187,VS0,VE1
x-contentstack-organization: blt848504a4924ca8db
etag: "92p967YFjqu2nfqMgbw3xBj5Zqou9FhYIcX4wrBVg1Q"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 470x382_OLT_OD_App_LP_Graphics_GIAC.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltc6ae37d669e525c2/602eca5bcb67827268e08b44/ 89 KB
89 KB 91ms
31ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltc6ae37d669e525c2/602eca5bcb67827268e08b44/470x382_OLT_OD_App_LP_Graphics_GIAC.jpg
Requested by: Host: www.sans.org
URL: https://www.sans.org/specials/north-america/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:58 GMT
via: 1.1 varnish, 1.1 varnish
age: 317539
x-cache: HIT, HIT
fastly-io-info: ifsz=109902 idim=470x382 ifmt=jpeg ofsz=91103 odim=470x382 ofmt=jpeg
content-disposition: inline; filename=470x382_OLT_OD_App_LP_Graphics_GIAC.jpg
fastly-stats: io=1
content-length: 91103
x-served-by: cache-sjc10049-SJC, cache-hhn4083-HHN
x-runtime: 107ms
x-timer: S1614003898.097341,VS0,VE1
x-contentstack-organization: blt848504a4924ca8db
etag: "oeW/R6pXHlNxdLHzuIm+Pmut/RZZxBu4Fz2X+h7AQy4"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 NALT_Live_Online_Winter_Special_Site_Promo.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltb30b63525f7e1962/6024208a269aa649b97583f6/ 130 KB
130 KB 91ms
31ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltb30b63525f7e1962/6024208a269aa649b97583f6/NALT_Live_Online_Winter_Special_Site_Promo.jpg
Requested by: Host: www.sans.org
URL: https://www.sans.org/specials/north-america/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:58 GMT
via: 1.1 varnish, 1.1 varnish
age: 317541
x-cache: HIT, HIT
fastly-io-info: ifsz=161262 idim=540x440 ifmt=jpeg ofsz=133223 odim=540x440 ofmt=jpeg
content-disposition: inline; filename=NALT_Live_Online_Winter_Special_Site_Promo.jpg
fastly-stats: io=1
content-length: 133223
x-served-by: cache-sjc10020-SJC, cache-hhn4083-HHN
x-runtime: 90ms
x-timer: S1614003898.097172,VS0,VE1
x-contentstack-organization: blt848504a4924ca8db
etag: "MkRCAS+hmxfmnAcd4HXiSRnrLLRGa/YmRQiK5mnXlr8"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 Primary Request / Show response
www.sans.org/specials/europe-middle-east-africa/ 95 KB
15 KB 283ms
282ms Document
text/html 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/gtm/js?id=GTM-K3LZ9HB&t=gtm2&cid=840786996.1614003898

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

aba3bac4f3a70d7bfe6d329cc4627c92525bb18c4e7c4e6d0bb05462af84ec79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.sans.org
:scheme: https
:path: /specials/europe-middle-east-africa/?msc=region-redirect
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.sans.org/specials/north-america/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: visid_incap_1329355=iE4upUXGSyWFFoAso6WLlbi+M2AAAAAAQUIPAAAAAABEoQgTYx/ZqxCMZ0YHrjGN; nlbi_1329355=pU0PcDyomFvrCsTDHZRHYgAAAACH7cbHDZLq3jvx33FQ/eYE; incap_ses_697_1329355=LdRGJw/hSDJ/I4AnEj6sCbi+M2AAAAAAP7k3aWmcQX5+Wy/2ElhM/Q==; nlbi_1329355_2277483=m7mYUPWV3WLtbmJ3HZRHYgAAAAAA4w1A9GS5f+R4tRJHosZi; _ga=GA1.2.840786996.1614003898; _gid=GA1.2.1277823305.1614003898; _gaexp=GAX1.2.T9LT3q1-Re6T_t7_dK7POg.18732.1; _gaexp_rc=1; _opt_expid=T9LT3q1-Re6T_t7_dK7POg%241%24
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.sans.org/specials/north-america/

Response headers

content-type: text/html
date: Mon, 22 Feb 2021 14:24:59 GMT
cache-control: max-age=30
last-modified: Mon, 22 Feb 2021 13:59:25 GMT
etag: W/"c3d75374c78b951fec4f5eeaac3f4f2e"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: frBAmKwIJV9kkFVdumOTgqWJhZlpEPezcWValnBr1orIxdYMmyW43A==
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-iinfo: 3-2539081-2539068 PNNN RT(1614003897129 0) q(0 0 0 -1) r(2 2) U18

GET
H2 200 modules.f56917110d6a0ab1d784.js
script.hotjar.com/ 225 KB
59 KB 156ms
56ms Script
application/javascript 65.9.20.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.f56917110d6a0ab1d784.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-609302.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.20.40 Orlando, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 08:09:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22541
x-cache: Hit from cloudfront
content-length: 60213
access-control-allow-origin: *
last-modified: Mon, 22 Feb 2021 08:06:07 GMT
etag: "7d00fe104e8d64a0bc88f2f19720e205"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 9616c9d248a84b00a499563db915c53b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: LApZrvNRDPcdJKe1x9JZyw6gpNR4bd9pDwujOa05uO4izHqMEEFTAQ==

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame DD70 2 KB
1 KB 148ms
48ms Document
text/html 65.9.20.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-609302.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.20.68 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sans.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.sans.org/

Response headers

content-type: text/html
content-length: 851
date: Sat, 06 Feb 2021 03:08:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Fri, 05 Feb 2021 15:00:27 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 eea0826c9064fc2d08f21b43b4a26011.cloudfront.net (CloudFront)
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: RGsMYJVW9mCvumwMFwpsrGwQb2oM4VEbMCiNd_l-YLMTDkcGBOrGOQ==
age: 1422972

GET
H2 200 39244d9.js Show response
www.sans.org/_nuxt/ 2 KB
1 KB 30ms
27ms Script
application/javascript 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/_nuxt/39244d9.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7b136f4f3f48b17fe3b5573ad81e5aa52123015cfc551cc5773ab5dd371354fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 3-2539083-0 0CNN RT(1614003897423 0) q(0 -1 -1 -1) r(0 -1)
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1192
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Feb 2021 15:11:03 GMT
x-frame-options: SAMEORIGIN
etag: W/"b9bb68ab883aaef5846c9c36b804892d"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30, public
expires: Mon, 22 Feb 2021 14:25:27 GMT

GET
H2 200 ee6b422.js Show response
www.sans.org/_nuxt/ 186 KB
64 KB 32ms
29ms Script
application/javascript 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/_nuxt/ee6b422.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a660e74a678efc78029b91426a397f16921e5bf65e695e385ec0999390831081

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 3-2539085-0 0CNN RT(1614003897426 0) q(0 -1 -1 -1) r(0 -1)
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 64900
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Feb 2021 15:11:03 GMT
x-frame-options: SAMEORIGIN
etag: W/"2e1d04ed02e86ca7141ddea1fb891b8c"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30, public
expires: Mon, 22 Feb 2021 14:25:27 GMT

GET
H2 200 app.23be010.css
www.sans.org/_nuxt/vendors/ 2 MB
176 KB 27ms
24ms Stylesheet
text/css 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/_nuxt/vendors/app.23be010.css

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6c61c5378ae9aadd6b2640f0775eaac95c6095e563f30e2f53c860cb233255f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 3-2539082-0 0CNN RT(1614003897421 0) q(0 -1 -1 -1) r(0 -1)
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 180273
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Feb 2021 15:11:03 GMT
x-frame-options: SAMEORIGIN
etag: W/"ae6ad4b6009d11c76e4a2c1b21387d16"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=30, public
expires: Mon, 22 Feb 2021 14:25:27 GMT

GET
H2 200 3a6640c.js Show response
www.sans.org/_nuxt/ 5 MB
1 MB 34ms
32ms Script
application/javascript 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/_nuxt/3a6640c.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7b686d8292e38fa3b8810b4876b99833ecbae73e26976bc5a6ec723852722722

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 3-2539086-0 0CNN RT(1614003897426 0) q(0 -1 -1 -1) r(0 -1)
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1327645
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Feb 2021 15:11:03 GMT
x-frame-options: SAMEORIGIN
etag: W/"4a9e2a69f37021e250452d252e3768c0"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30, public
expires: Mon, 22 Feb 2021 14:25:27 GMT

GET
H2 200 app.291a06d.css
www.sans.org/_nuxt/ 942 B
561 B 31ms
29ms Stylesheet
text/css 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/_nuxt/app.291a06d.css

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3dd04db66dc9bb460520fd11e0e8ab22cd96e2f12a2057a82f96a1fcb62cd7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 3-2539084-0 0CNN RT(1614003897424 0) q(0 -1 -1 -1) r(0 -1)
content-length: 446
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Feb 2021 15:11:03 GMT
x-frame-options: SAMEORIGIN
etag: "6718fd95b8a6948c4adb7a1ace54cde5"
expect-ct: max-age=86400, enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=30, public
expires: Mon, 22 Feb 2021 14:25:27 GMT

GET
H2 200 42de594.js Show response
www.sans.org/_nuxt/ 76 KB
21 KB 58ms
57ms Script
application/javascript 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/_nuxt/42de594.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

04bb5ea9f3d7dd799a9424bdbfc18e5fb27cda56854cfdab295cae0a7e97ef5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 3-2539087-0 0CNN RT(1614003897427 0) q(0 -1 -1 -1) r(0 -1)
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 21022
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 22 Feb 2021 13:59:24 GMT
x-frame-options: SAMEORIGIN
etag: W/"eb9b1a5d58a4a16f0c01400b14ad364b"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30, public
expires: Mon, 22 Feb 2021 14:25:27 GMT

GET
H2 200 a36c7d1.js Show response
www.sans.org/_nuxt/ 41 KB
11 KB 60ms
59ms Script
application/javascript 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/_nuxt/a36c7d1.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bc917cd00c23d1c0986b63cb32484933844c2f4ec95e728f5a50048d51baf068

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 3-2539088-0 0CNN RT(1614003897428 0) q(0 -1 -1 -1) r(0 -1)
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 11028
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Feb 2021 15:11:03 GMT
x-frame-options: SAMEORIGIN
etag: W/"f29352fd422d5b3161da85f0e8e90e9f"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30, public
expires: Mon, 22 Feb 2021 14:25:27 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 119 KB
41 KB 67ms
54ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5T9DW3B

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1986b5c9284a35dfdce2c11c90bc7c52ca84e2567e0ea739c913eaa3b540cc5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41315
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Feb 2021 14:24:58 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1e9ee3a97e9347ff3e9efc6b9e4182ff3f4f3eac3fdbfc48287552ca08f497a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v11/ 44 KB
44 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: www.sans.org
URL: https://www.sans.org/_nuxt/vendors/app.23be010.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.sans.org
Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:41:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:26:40 GMT
server: sffe
age: 326600
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45416
x-xss-protection: 0
expires: Fri, 18 Feb 2022 19:41:38 GMT

GET
H2 200 ClearSans-Regular.b9bdac5.ttf
www.sans.org/_nuxt/fonts/ 297 KB
298 KB 142ms
141ms Font
binary/octet-stream 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/_nuxt/fonts/ClearSans-Regular.b9bdac5.ttf

Requested by

Host: www.sans.org
URL: https://www.sans.org/_nuxt/vendors/app.23be010.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bb811af889b6a3984944678f04b033a4805c49a66f06cde62ef29902e8f0f06f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.sans.org
Referer: https://www.sans.org/_nuxt/vendors/app.23be010.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:57 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 08 Dec 2020 16:04:36 GMT
x-cdn: Imperva
etag: "b9bdac589c0d3aac828fd3a15108b61a"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: binary/octet-stream
x-iinfo: 3-2539089-2538435 2VNN RT(1614003897531 0) q(0 0 0 -1) r(1 1)
x-xss-protection: 1; mode=block
cache-control: max-age=30, public
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 304516
x-content-type-options: nosniff
expires: Mon, 22 Feb 2021 14:25:27 GMT

GET
H2 200 India_Page_-_Live_Online_Image.jpg
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt4654225eb39367fd/5fa16450209f0756c89d6942/ 123 KB
124 KB 32ms
32ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt4654225eb39367fd/5fa16450209f0756c89d6942/India_Page_-_Live_Online_Image.jpg
Requested by: Host: www.sans.org
URL: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 43b6f6c110c653eb316755fcafa336c745128e8a5bd914fc8776f15281496e8e

Request headers

Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:58 GMT
via: 1.1 varnish, 1.1 varnish
age: 317013
x-cache: HIT, HIT
fastly-io-info: ifsz=143529 idim=570x380 ifmt=jpeg ofsz=126416 odim=570x380 ofmt=jpeg
content-disposition: inline; filename=India_Page_-_Live_Online_Image.jpg
fastly-stats: io=1
content-length: 126416
x-served-by: cache-sjc10066-SJC, cache-hhn4083-HHN
x-runtime: 102ms
x-timer: S1614003899.562906,VS0,VE2
x-contentstack-organization: blt848504a4924ca8db
etag: "5RmD7F3jVksbBMfB132XnKupldI9IXps928C9MIK/sY"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8373dde4a91ebe50029d6acf1447ab949af75fbb6703979d107087f5c7d85514

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 358 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89b90b3011be7d6a57a3178c94dd1bf90b6643a851c57dc9a8ff6c21f452eff4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 330 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02e083d17aada922d7049229d46ac4a427307eabd2e3f23f5463fb423dc55dc5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 591 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1964720e3ed1328ae87162a2c9fb1d7350225fceb0cf8df06b5f550508cd85c4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c51b22ebde38fde8e25a63e161463632ad13c614a1268f60848c23ac9c039621

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v11/ 46 KB
46 KB 34ms
21ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: www.sans.org
URL: https://www.sans.org/_nuxt/vendors/app.23be010.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.sans.org
Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:41:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:27:34 GMT
server: sffe
age: 326600
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46988
x-xss-protection: 0
expires: Fri, 18 Feb 2022 19:41:38 GMT

GET
H2 200 ClearSans-Bold.79e0c29.ttf
www.sans.org/_nuxt/fonts/ 263 KB
264 KB 153ms
153ms Font
binary/octet-stream 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/_nuxt/fonts/ClearSans-Bold.79e0c29.ttf

Requested by

Host: www.sans.org
URL: https://www.sans.org/_nuxt/vendors/app.23be010.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e95b1274e575a12d4f9ed0293c359f92a2a1b73bda862b2432ecc567b330bfeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.sans.org
Referer: https://www.sans.org/_nuxt/vendors/app.23be010.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:57 GMT
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 08 Dec 2020 16:04:36 GMT
x-cdn: Imperva
etag: "79e0c29cff90ef22bd513f10253b1b32"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: binary/octet-stream
x-iinfo: 3-2539090-2538463 2VNN RT(1614003897587 0) q(0 0 0 -1) r(2 2)
x-xss-protection: 1; mode=block
cache-control: max-age=30, public
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 269792
x-content-type-options: nosniff
expires: Mon, 22 Feb 2021 14:25:27 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T9DW3B

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2026
date: Mon, 22 Feb 2021 13:51:12 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Mon, 22 Feb 2021 15:51:12 GMT

GET
H2 200 hotjar-609302.js Show response
static.hotjar.com/c/ 5 KB
2 KB 62ms
61ms Script
application/javascript 65.9.96.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-609302.js?sv=6

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/north-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a5e4af3fb84926570ec7a34c72637ca05e3ee88b00fc866115c5f5957d9cbabb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:00 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 58
etag: W/cf834b16b5b6b1c057d978f4962fef78
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: PRG50-C1
content-length: 1899
via: 1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
x-amz-cf-id: etPoKoko3GtVKWUGEHYUrCOKC0YHeYtnAGWEIo-Q3D6H9s4y5FzqpQ==

GET
H/1.1 200
OK / Show response
addsearch.com/js/ 2 KB
1010 B 121ms
38ms Script
application/javascript 52.166.11.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://addsearch.com/js/?key=58b8a4a0d3818cf198ff88f660f8f8f9

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.11.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

eaeed3aaa11f3990dc66a9fef6d35e0e641b7ed8d671b2bfa94e8d87ca9a06be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;

Request headers

Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 14:24:58 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 729

GET
H2 200 _Incapsula_Resource Show response
www.sans.org/ 131 KB
19 KB 29ms
28ms Script
application/javascript 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=12&cb=111195095

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d5bbda882403659cbd6f2e76bfb65661d3162b4d6bedb1599238395e0d14afb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 19188
content-type: application/javascript

GET
DATA 200
OK truncated
/ 722 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22a95d807e42979166d2d6d9c6bde6715c567c8220956c68c52e133b4352db66

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 329 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06952c6c4ab0ecb9c6ecc808d3f82e67c8a2cf9c182ccb5e17415eb722f3eab0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e27ff355adeddbca26613a8995f64bbea66b1a903625be61a659c7eb33378d9e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2696d7c28956ab18f20f8372e9d95697288323b46904d1c20bc9a5a16421884f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 111 KB
39 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-K3LZ9HB&t=gtm2&cid=840786996.1614003898&gac=_gaexp%3DGAX1.2.T9LT3q1-Re6T_t7_dK7POg.18732.1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ff0ca431a8ed72eebd9ba2ab2b5d8dec0e39b24df3c0108a29ad684caafd5ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:58 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39541
x-xss-protection: 0
expires: Mon, 22 Feb 2021 14:24:58 GMT

GET
H2 200 modules.f56917110d6a0ab1d784.js Show response
script.hotjar.com/ 225 KB
59 KB 53ms
52ms Script
application/javascript 65.9.20.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.f56917110d6a0ab1d784.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-609302.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.20.40 Orlando, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

08324a7a68e80569bbf9890be02328a235ed3ef73e4adcbc6f9ae978734f17e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 08:09:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22541
x-cache: Hit from cloudfront
content-length: 60213
access-control-allow-origin: *
last-modified: Mon, 22 Feb 2021 08:06:07 GMT
etag: "7d00fe104e8d64a0bc88f2f19720e205"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 9616c9d248a84b00a499563db915c53b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: lPRMpUY24RfmTmHIPhRrxScN3Im_JUAzfIjnifOUzQrHNkF9MzDf4Q==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
86 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-25324117-2&cid=840786996.1614003898&jid=285977359&gjid=167566958&_gid=1277823305.1614003898&_u=SDCAgEADQAAAAE~&z=2079806405

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 22 Feb 2021 14:24:58 GMT
content-type: text/plain
access-control-allow-origin: https://www.sans.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
182 B 7ms
7ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=865388564&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sans.org%2Fspecials%2Feurope-middle-east-africa%2F%3Fmsc%3Dregion-redirect&ul=en-us&de=UTF-8&dt=Special%20Offer%20for%20Students%20in%20Europe%20%26%20Middle%20East%20%7C%20SANS%20Online%20Training&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&exp=T9LT3q1-Re6T_t7_dK7POg.1&_u=SDCAgEADQ~&jid=285977359&gjid=167566958&cid=840786996.1614003898&tid=UA-25324117-2&_gid=1277823305.1614003898&gtm=2wg2a15T9DW3B&cd1=d104c483-988f-4aa9-893d-763c64a7dd75&cd2=2021-02-22T15%3A24%3A58.698%2B01%3A00&cd4=https%3A%2F%2Fwww.sans.org%2Fspecials%2Fnorth-america%2F&cd3=pageview&z=2043224047

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Feb 2021 21:31:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 60818
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
31ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-25324117-2&cid=840786996.1614003898&jid=285977359&_u=SDCAgEADQAAAAE~&z=1791540529

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Feb 2021 14:24:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-25324117-2&cid=840786996.1614003898&jid=285977359&_u=SDCAgEADQAAAAE~&z=1791540529

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Feb 2021 14:24:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
addsearch.com/searchui/v3/ 55 KB
14 KB 47ms
47ms Script
application/javascript 52.166.11.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://addsearch.com/searchui/v3/?key=58b8a4a0d3818cf198ff88f660f8f8f9&i=https://www.sans.org/specials/north-america/

Requested by

Host: addsearch.com
URL: https://addsearch.com/js/?key=58b8a4a0d3818cf198ff88f660f8f8f9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.11.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

4f482a3b2f1ab04bc586cbad78f5cc39a7053845f041a9efed44ee1de298df13

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;

Request headers

Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 14:24:58 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubdomains;

GET
H3-Q050 200 api.js Show response
www.google.com/recaptcha/ 852 B
947 B 64ms
50ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: www.sans.org
URL: https://www.sans.org/_nuxt/3a6640c.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fde06f152e9231d3319414a1f9945b0aef3e24c95e703dcb0bb6f053c43a4c21

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 552
x-xss-protection: 1; mode=block
expires: Mon, 22 Feb 2021 14:24:59 GMT

GET
H2 200 f64ea01.js Show response
www.sans.org/_nuxt/ 29 KB
7 KB 245ms
245ms Script
application/javascript 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sans.org/_nuxt/f64ea01.js

Requested by

Host: www.sans.org
URL: https://www.sans.org/_nuxt/39244d9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

89cc3dd163c43bd163f5329e8f44626833e1049512c02f303b448bf1eb85ea61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 3-2539096-2538463 2VNN RT(1614003898087 0) q(0 0 0 -1) r(3 3)
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 7200
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 Feb 2021 15:11:03 GMT
x-frame-options: SAMEORIGIN
etag: W/"709a15e76de3a7214978d100389811ef"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=30, public
expires: Mon, 22 Feb 2021 14:25:28 GMT

GET
H2 200 _Incapsula_Resource
www.sans.org/ 1 B
36 B 23ms
22ms Image
text/plain 45.60.33.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sans.org/_Incapsula_Resource?SWKMTFSR=1&e=0.47042377175734207

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.sans.org/specials/europe-middle-east-africa/?msc=region-redirect
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html Show response
vars.hotjar.com/ Frame E08A 2 KB
1 KB 48ms
48ms Document
text/html 65.9.20.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-609302.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.20.68 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sans.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.sans.org/

Response headers

content-type: text/html
content-length: 851
date: Sat, 06 Feb 2021 03:08:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Fri, 05 Feb 2021 15:00:27 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 eea0826c9064fc2d08f21b43b4a26011.cloudfront.net (CloudFront)
x-amz-cf-pop: ZAG50-C1
x-amz-cf-id: JgV7nBc_VRB_B673W-xEVAdr1n-UWew9_c8rsE19ubP5BWTI7SRySQ==
age: 1422973

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/ 331 KB
129 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b89c4addd9525e5ecf970750e2f2477a9354a59467997c8aa2d79adc55594e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.sans.org
Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131815
x-xss-protection: 0
last-modified: Mon, 15 Feb 2021 05:05:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 14:15:06 GMT

GET
H3-Q050 200 anchor Show response
www.google.com/recaptcha/api2/ Frame CFC9 19 KB
10 KB 37ms
36ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRaE8aAAAAAOB9CLy-hHWeafmpvmYkeMpCXrWO&co=aHR0cHM6Ly93d3cuc2Fucy5vcmc6NDQz&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=5nzjdl5e3fj3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d29857e00e156ba1089a9f6db0f0b8bf6f631a24112f2f5049e04b39674a8e62

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rVfQkF938THeUPcm7dAFsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LdRaE8aAAAAAOB9CLy-hHWeafmpvmYkeMpCXrWO&co=aHR0cHM6Ly93d3cuc2Fucy5vcmc6NDQz&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=5nzjdl5e3fj3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sans.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.sans.org/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 22 Feb 2021 14:24:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-rVfQkF938THeUPcm7dAFsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9978
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/ Frame CFC9 50 KB
25 KB 34ms
20ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRaE8aAAAAAOB9CLy-hHWeafmpvmYkeMpCXrWO&co=aHR0cHM6Ly93d3cuc2Fucy5vcmc6NDQz&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=5nzjdl5e3fj3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRaE8aAAAAAOB9CLy-hHWeafmpvmYkeMpCXrWO&co=aHR0cHM6Ly93d3cuc2Fucy5vcmc6NDQz&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=5nzjdl5e3fj3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 10:34:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 05:05:05 GMT
server: sffe
age: 13808
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Tue, 22 Feb 2022 10:34:51 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/ Frame CFC9 331 KB
129 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__en.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b89c4addd9525e5ecf970750e2f2477a9354a59467997c8aa2d79adc55594e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRaE8aAAAAAOB9CLy-hHWeafmpvmYkeMpCXrWO&co=aHR0cHM6Ly93d3cuc2Fucy5vcmc6NDQz&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=5nzjdl5e3fj3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131815
x-xss-protection: 0
last-modified: Mon, 15 Feb 2021 05:05:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 14:15:06 GMT

GET
H3-Q050 200 2c_QuwWjeBi1CLn15XejQq7ITjuwy0yNpwDmlIW3BK4.js Show response
www.google.com/js/bg/ Frame CFC9 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/2c_QuwWjeBi1CLn15XejQq7ITjuwy0yNpwDmlIW3BK4.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cfd0bb05a37818b508b9f5e577a342aec84e3bb0cb4c8da700e69485b704ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRaE8aAAAAAOB9CLy-hHWeafmpvmYkeMpCXrWO&co=aHR0cHM6Ly93d3cuc2Fucy5vcmc6NDQz&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=5nzjdl5e3fj3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 17:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:00:00 GMT
server: sffe
age: 335442
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6274
x-xss-protection: 0
expires: Fri, 18 Feb 2022 17:14:17 GMT

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/api2/ Frame CFC9 102 B
137 B 16ms
16ms Other
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

81fa50822806b58c63d123c956b740c92033836e2477e82237f9c9ca0fa8c3a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRaE8aAAAAAOB9CLy-hHWeafmpvmYkeMpCXrWO&co=aHR0cHM6Ly93d3cuc2Fucy5vcmc6NDQz&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=5nzjdl5e3fj3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 22 Feb 2021 14:24:59 GMT

GET
H2 200 / Show response
zn5mzsmkpycxwsqpf-sans.siteintercept.qualtrics.com/SIE/ 58 KB
18 KB 156ms
96ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn5mzsmkpycxwsqpf-sans.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_5mZSMKPycxWSqpf

Requested by

Host: www.sans.org
URL: https://www.sans.org/specials/north-america/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

362b59e976b62173273857ce2b06303dd8585ac900eb09df74b8b1bf724c312a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sans.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 14:24:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 391728
cf-polished: origSize=60856
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 086bba24af000023c7a532c000000001
cf-bgj: minify
server: cloudflare
x-powered-by: Express
etag: W/"edb8-5mVkywZAWZN6VU3xO97XtPPY/M4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
cf-ray: 62595fb4488b23c7-ZRH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sans.org/	1970-01-19 16:20:05	Name: _hjFirstSeen Value: 1
.sans.org/	1970-01-20 01:05:39	Name: _hjid Value: 0a914605-30e3-44cd-a798-62cb3fa9a4ec
www.sans.org/	1970-01-19 16:20:03	Name: ___utmvc Value: QVPv0Hz5mL2lDsF/G3YpVnEIIKJcdNx660tXvYxtKj1GETy8TW4FD/BUdMiC+ade/t3Ol4yBIrUPzqQWSYM9bFZsM9tuF0QGCHSxGdg6Bp79g6zrsh5PLEdkO9WdpreMrIekAC7kUXDGRpLnBS2beZucdTe9T6MoAY3Khu8bOgZitx4vxtEE6/8WUpcAXFFekYuWadfuW374pklFrGVr6BHzcaF7XRCTJNrRNZRHZ4OMeZ7arpc0ZmOwb4Dy5xlUzzbIPXZeHow4Cg5h0rBgdCVFlwpdXpspurFGseJor+3AizY/Uo17OZ5gU2LpGk4t0PeiUK19ZonmmiPtf9rmOLIFgXlAbtSbdXPcfsR5+G8rzY+2O/qJnumVxYk6KT2lJaXlBM9H4jnh0WZeppCVcDVRe3893ObARi2nq4UJSabMVrXIW9ktigHnfxJp8W7xIC9PfXRXczHb5ayVDGCnAgZB8rNnjK/VqncVyPVTZN2k8mc82k6q/1wV92s51dHz8StF4BySZXmpRyNTkl/Axszb8wGW1tEn/awnFE4okG5zvjE1TagmS0tIySTPcTj9QE4S6/9s877hadd+ytT02SmRtZk65s4ZR8SlDNXsulXt0DPJ63lkrMyVDOKz4BpJwz1t9cjpsadgP81UqDiRq/N1mgDF80w3YQgln+tsQwSSouEk8sY5UtKL7KH1gpkhJ8gp5VmEaTwwnixhtZURmGOa6/VrrBAEQQJmRaENOCmiHhPnF43QZO6ODUc/ZN7UmvhcvLiz8gGHZRMwh7v0vF91Fna1K0hgQT+slexdspMIgf4jGyyZFpcRSiK+hVCGxluQUaYM3vYf2tJevXYRgGudzhKWYm4zwJJpisLc1lJf9JFm0F1RQuL5OgVVAiDPkOaY6mDwwEmXexx2UdHxDa5Ct7UpSMVIPa+PGpbaMAdSyihQ8bvRrUWdemIZklGw/h4qqrJniORXgG8eWI2q3SPb8hkdZRlzM8u1Pq3f0sNY9mE6tluyzcZjxdTR0UTTFuW0+WFuAJ2bz2mbDK6sWnRl/str4ct0irN4N72koU9K/rTSEa0J1LUkdSK32TdR9HQ3zYQ4XtIZYuYwxYikHWsz/IsdhSurEMDyDyP9rq9kHdkBPnc31+vSi/Wz1MFgR81tCKwOCxKe0C3+dK3U39aB9Rc+H7p/pifYlrfHu+v/mS88U2ZX0Q/8ZeOpKq8rp444F0Ova2e51FjrU8nNQu5CBfzwnrmC4Z/31KNykAsCgRpUYzxrb5blG5iZ5WBCSKIT4q7EPSLJhs4qa/YVmxoT5PNwSyc4jrJc35DW+rsNEU55x1g3Kz5BRBWriv83DUQR/LfbifDNd8uFnttSpbYfTQJ2Y489Q3GucUqXoWrktn9+eoccSbOnr5VBD5Rl9PQ0apeXkcxO8QgFGcV+D97zFIL8uG3CIanxp9Sn+dgwUBanblqsv5XF/+Cws5hz+ggaIXccJHYBzY8Ohp7GAs/FE+gn8TiFtmOrY68q3Z5pJD0WaJKXiOCr3NEh31Mx5NTYoeQpaohoieS+RYZ4g8AEARLR5hbCrB88yHqd4DzwGhj1wcdXlS5xdo5SEjOv7JUiwqcezqh9BpjG3uEVwEfHXNhf4sAwsJVKi0QD0oSgjaiLzMfNjfIX7tLqbTJJ9Aq7pKdlwUTKW5BH1YK2t6qYYnt0kC8pnbUhq8GNQf6fSoj57YnhBAhMFjoutDKkXcxZO7/KPstzKT/ITTL+rzz/pt1n59QWglK6r319pxm1jQ80rbwSAiEVkzg1iv+n4GnTxFkf5WbrT7nJs9xDHyvRoRZb11DubdtmHcdXBK0xGd7OVlRWVrPS9NDCRpWbNz0LTCFq9GNtRY5X6J51h05mfDVHs1lDux5jdvYUTekHE0de5FsiB51fiwvr2YmfKbHJb2v6RXRlwtnM563yfPkjtaAx2OcT7wT1bkothXcJJ8Ygmh3FOwFc+9c+vwE4dlEu2jI+AJLO+JSn1qMJsTqSK0JD2EKA+lIThUUXBPkPcjhTrvTaFfl4MQd1zZcNLGRpZ2VzdD0xNDAyMzEscz04ODhiYTI4OTc3N2Q5ZjY0OWQ3NTg2OGE5YTdmOTI2YjgyN2Y2MWE2OGE3Yzg3OTc2NDhlNWJhNzYyYTc5Njc4OTY2NTdlODI4M2FiNmQ2Zg==
.sans.org/	1970-01-19 17:34:04	Name: _gaexp Value: GAX1.2.T9LT3q1-Re6T_t7_dK7POg.18732.1
.sans.org/	1970-01-19 16:20:03	Name: _dc_gtm_UA-25324117-2 Value: 1
.sans.org/	1970-01-20 01:05:27	Name: visid_incap_1329355 Value: iE4upUXGSyWFFoAso6WLlbi+M2AAAAAAQUIPAAAAAABEoQgTYx/ZqxCMZ0YHrjGN
.sans.org/	1969-12-31 23:59:59	Name: incap_ses_697_1329355 Value: LdRGJw/hSDJ/I4AnEj6sCbi+M2AAAAAAP7k3aWmcQX5+Wy/2ElhM/Q==
.sans.org/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.sans.org/	1970-01-20 09:51:15	Name: _ga Value: GA1.2.840786996.1614003898
.sans.org/	1970-01-19 16:21:30	Name: _gid Value: GA1.2.1277823305.1614003898
.sans.org/	1969-12-31 23:59:59	Name: nlbi_1329355_2277483 Value: m7mYUPWV3WLtbmJ3HZRHYgAAAAAA4w1A9GS5f+R4tRJHosZi
.sans.org/	1970-01-19 16:20:03	Name: _gaexp_rc Value: 1
.sans.org/	1969-12-31 23:59:59	Name: nlbi_1329355 Value: pU0PcDyomFvrCsTDHZRHYgAAAACH7cbHDZLq3jvx33FQ/eYE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

addsearch.com
click.email.sans.org
fonts.gstatic.com
images.contentstack.io
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.sans.org
zn5mzsmkpycxwsqpf-sans.siteintercept.qualtrics.com
104.17.209.240
136.147.189.155
151.101.114.217
2a00:1450:4001:800::2003
2a00:1450:4001:801::2008
2a00:1450:4001:803::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2003
2a00:1450:4001:82a::2004
2a00:1450:400c:c07::9a
45.60.33.34
52.166.11.26
65.9.20.40
65.9.20.68
65.9.96.97
02e083d17aada922d7049229d46ac4a427307eabd2e3f23f5463fb423dc55dc5
04bb5ea9f3d7dd799a9424bdbfc18e5fb27cda56854cfdab295cae0a7e97ef5a
06952c6c4ab0ecb9c6ecc808d3f82e67c8a2cf9c182ccb5e17415eb722f3eab0
08324a7a68e80569bbf9890be02328a235ed3ef73e4adcbc6f9ae978734f17e9
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1964720e3ed1328ae87162a2c9fb1d7350225fceb0cf8df06b5f550508cd85c4
1986b5c9284a35dfdce2c11c90bc7c52ca84e2567e0ea739c913eaa3b540cc5b
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
22a95d807e42979166d2d6d9c6bde6715c567c8220956c68c52e133b4352db66
2696d7c28956ab18f20f8372e9d95697288323b46904d1c20bc9a5a16421884f
362b59e976b62173273857ce2b06303dd8585ac900eb09df74b8b1bf724c312a
3dd04db66dc9bb460520fd11e0e8ab22cd96e2f12a2057a82f96a1fcb62cd7f1
43b6f6c110c653eb316755fcafa336c745128e8a5bd914fc8776f15281496e8e
4f482a3b2f1ab04bc586cbad78f5cc39a7053845f041a9efed44ee1de298df13
51da18f611aec3ff9946c4802c54fbeed93b1e12e50c67aa8c1372175f84734f
5ff0ca431a8ed72eebd9ba2ab2b5d8dec0e39b24df3c0108a29ad684caafd5ec
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6c61c5378ae9aadd6b2640f0775eaac95c6095e563f30e2f53c860cb233255f0
7b136f4f3f48b17fe3b5573ad81e5aa52123015cfc551cc5773ab5dd371354fd
7b686d8292e38fa3b8810b4876b99833ecbae73e26976bc5a6ec723852722722
81fa50822806b58c63d123c956b740c92033836e2477e82237f9c9ca0fa8c3a0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8373dde4a91ebe50029d6acf1447ab949af75fbb6703979d107087f5c7d85514
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89b90b3011be7d6a57a3178c94dd1bf90b6643a851c57dc9a8ff6c21f452eff4
89cc3dd163c43bd163f5329e8f44626833e1049512c02f303b448bf1eb85ea61
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a5e4af3fb84926570ec7a34c72637ca05e3ee88b00fc866115c5f5957d9cbabb
a660e74a678efc78029b91426a397f16921e5bf65e695e385ec0999390831081
aba3bac4f3a70d7bfe6d329cc4627c92525bb18c4e7c4e6d0bb05462af84ec79
b89c4addd9525e5ecf970750e2f2477a9354a59467997c8aa2d79adc55594e1f
bb811af889b6a3984944678f04b033a4805c49a66f06cde62ef29902e8f0f06f
bc917cd00c23d1c0986b63cb32484933844c2f4ec95e728f5a50048d51baf068
c51b22ebde38fde8e25a63e161463632ad13c614a1268f60848c23ac9c039621
d1e9ee3a97e9347ff3e9efc6b9e4182ff3f4f3eac3fdbfc48287552ca08f497a
d29857e00e156ba1089a9f6db0f0b8bf6f631a24112f2f5049e04b39674a8e62
d5bbda882403659cbd6f2e76bfb65661d3162b4d6bedb1599238395e0d14afb9
d9cfd0bb05a37818b508b9f5e577a342aec84e3bb0cb4c8da700e69485b704ae
e27ff355adeddbca26613a8995f64bbea66b1a903625be61a659c7eb33378d9e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e95b1274e575a12d4f9ed0293c359f92a2a1b73bda862b2432ecc567b330bfeb
eaeed3aaa11f3990dc66a9fef6d35e0e641b7ed8d671b2bfa94e8d87ca9a06be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fde06f152e9231d3319414a1f9945b0aef3e24c95e703dcb0bb6f053c43a4c21

www.sans.org Open in urlscan Pro 45.60.33.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

47 %IPv6

11 Domains

15 Subdomains

15 IPs

4 Countries

4973 kBTransfer

17903 kBSize

13 Cookies

15 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sans.org Open in urlscan Pro
45.60.33.34 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

47 %
IPv6

11
Domains

15
Subdomains

15
IPs

4
Countries

4973 kB
Transfer

17903 kB
Size

13
Cookies

53 HTTP transactions
11 data transactions