urlscan.io logo urlscan.io
SecurityTrails logo

api.sans.org Open in urlscan Pro
45.60.33.34  Public Scan

Go To Rescan Add Verdict Report
URL: https://api.sans.org/
Submission: On February 20 via api from ZA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 2 HTTP transactions. The main IP is 45.60.33.34, located in United States and belongs to INCAPSULA, US. The main domain is api.sans.org. The Cisco Umbrella rank of the primary domain is 464601.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q1 on January 19th 2024. Valid for: 6 months.
This is the only time api.sans.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 45.60.33.34 19551 (INCAPSULA)
2 1
Apex Domain
Subdomains		 Transfer
2 sans.org
api.sans.org — Cisco Umbrella Rank: 464601
20 KB
2 1
Domain Requested by
2 api.sans.org api.sans.org
2 1

This site contains no links.

Subject Issuer Validity Valid
imperva.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-01-19 -
2024-07-17		 6 months crt.sh

This page contains 1 frames:

Primary Page: https://api.sans.org/
Frame ID: C1FA9E865DCFF48769BDF7F72C4B5240
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

20 kB
Transfer

136 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
api.sans.org/ 		845 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.sans.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
708c9266703bdc05232a655aded2de7936ce4f42085d81868325959f6bbb0f54
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; upgrade-insecure-requests;
Strict-Transport-Security includeSubdomains; preload; max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-length
845
content-security-policy
default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; upgrade-insecure-requests;
content-type
text/html
referrer-policy
no-referrer-when-downgrade
retry-after
5
strict-transport-security
includeSubdomains; preload; max-age=31536000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-iinfo
7-111097617-0 0NNN RT(1708427705986 39) q(0 -1 -1 7) r(0 -1) b6 U24
x-xss-protection
1; mode=block
_Incapsula_Resource
api.sans.org/ 		135 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.sans.org/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3
Requested by
Host: api.sans.org
URL: https://api.sans.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
7ab2b2d78bec4ea2d739514983c7bd2cd461a0cba0cb193297b85bede175cdb9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; upgrade-insecure-requests;
Strict-Transport-Security includeSubdomains; preload; max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.sans.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
includeSubdomains; preload; max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
content-security-policy
default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; upgrade-insecure-requests;
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
19234
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

2 Cookies

Domain/Path Name / Value
api.sans.org/ Name: visid_incap_2809573
Value: fc3N1K4ZTNyOfbk3VofbC7qJ1GUAAAAAQUIPAAAAAABKJhNm3BH+jt7gRAIOGjXl
api.sans.org/ Name: incap_ses_8219_2809573
Value: chNdXdVPrE1ygAzcb8IPcrqJ1GUAAAAAjsqmZJTrNtCzg9wkO8+/cw==

4 Console Messages

Source Level URL
Text
network error URL: https://api.sans.org/
Message:
Failed to load resource: the server responded with a status of 503 ()
security error URL: https://api.sans.org/
Message:
Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-Juy/dqDy1gy1mQy4F6mUri5UHx+atHEcvCxdvfnDs2w='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present.
security error URL: https://api.sans.org/
Message:
Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-IIbZ0XDypFfbZ/Pr/w7aG0fQY+Wt0tnRUqy2LHbnRsg='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present.
security error URL: https://api.sans.org/
Message:
Refused to frame 'https://api.sans.org/_Incapsula_Resource?CWUDNSAI=26&xinfo=7-111097617-0%200NNN%20RT%281708427705986%2039%29%20q%280%20-1%20-1%207%29%20r%280%20-1%29%20b6%20U24&incident_id=8219001630663409778-629218335809808583&edet=32&cinfo=ffffffff&rpinfo=0&mth=GET' because it violates the following Content Security Policy directive: "default-src 'none'". Note that 'frame-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; upgrade-insecure-requests;
Strict-Transport-Security includeSubdomains; preload; max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.sans.org
45.60.33.34
708c9266703bdc05232a655aded2de7936ce4f42085d81868325959f6bbb0f54
7ab2b2d78bec4ea2d739514983c7bd2cd461a0cba0cb193297b85bede175cdb9