www.dshield.org Open in urlscan Pro
159.223.154.178 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.dshield.org/
Submission: On August 18 via manual (August 18th 2022, 1:21:57 pm UTC) from US — Scanned from DE

Summary HTTP 67 Redirects Links 65 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 67 HTTP transactions. The main IP is 159.223.154.178, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.dshield.org. The Cisco Umbrella rank of the primary domain is 338143.
TLS certificate: Issued by R3 on July 27th 2022. Valid for: 3 months.

This is the only time www.dshield.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	159.223.154.178 159.223.154.178	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
37	45.60.31.34 45.60.31.34	19551 (INCAPSULA) (INCAPSULA)
67	3

28 159.223.154.178 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: mail2.dshield.org

www.dshield.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 45.60.31.34 (United States)

ASN19551 (INCAPSULA, US)

isc.sans.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	sans.edu isc.sans.edu — Cisco Umbrella Rank: 119498	3 MB
28	dshield.org www.dshield.org — Cisco Umbrella Rank: 338143	945 KB
0	googletagmanager.com Failed www.googletagmanager.com Failed
67	3

	Domain	Requested by
37	isc.sans.edu	www.dshield.org
28	www.dshield.org	www.dshield.org
0	www.googletagmanager.com Failed	www.dshield.org
67	3

This site contains links to these domains. Also see Links.

Domain
sans.edu
jbu.me
www.virustotal.com
bazaar.abuse.ch
blog.didierstevens.com
docs.microsoft.com
en.wikipedia.org
sandsprite.com
blog.morphisec.com
github.com
isc.sans.edu
www.office.com
gchq.github.io
www.ipss.ca
handlers.sans.org
twitter.com
unit42.paloaltonetworks.com
threatresearch.ext.hp.com
www.sudo.ws
nsudo.m2team.org
keybase.io
www.cafepress.com
creativecommons.org
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
mail2.dshield.org R3	`2022-07-27` - `2022-10-25`	3 months	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-06-09` - `2022-12-09`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.dshield.org/
Frame ID: 9C8FCF0432576CF9F7F4BFB593370E13
Requests: 71 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SANS.edu Internet Storm Center - SANS Internet Storm Center

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

67
Requests

97 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

4152 kB
Transfer

4125 kB
Size

4
Cookies

65 Outgoing links

These are links going to different origins than the main page.

URL: https://sans.edu/
Title: SANS.edu

Search URL Search Domain Scan URL

URL: https://jbu.me/164
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/394c97cc9d567e556a357f129aea03f737cbd2a1761df32146ef69d93afc73dc
Title: 394c97cc9d567e556a357f129aea03f737cbd2a1761df32146ef69d93afc73dc

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/394c97cc9d567e556a357f129aea03f737cbd2a1761df32146ef69d93afc73dc/
Title: MalwareBazaar

Search URL Search Domain Scan URL

URL: https://blog.didierstevens.com/programs/oledump-py/
Title: oledump.py

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows/win32/api/stringapiset/nf-stringapiset-multibytetowidechar
Title: MultiByteToWideChar

Search URL Search Domain Scan URL

URL: https://blog.didierstevens.com/2022/07/24/update-re-search-py-version-0-0-21/
Title: re-search.py

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/UTF-7
Title: UTF7

Search URL Search Domain Scan URL

URL: https://blog.didierstevens.com/programs/translate/
Title: translate.py

Search URL Search Domain Scan URL

URL: http://sandsprite.com/blogs/index.php?uid=7&pid=152
Title: scdbg

Search URL Search Domain Scan URL

URL: https://blog.morphisec.com/apt-c-35-new-windows-framework-revealed
Title: blog post

Search URL Search Domain Scan URL

URL: http://blog.didierstevens.com/
Title: blog.DidierStevens.com

Search URL Search Domain Scan URL

URL: https://github.com/infobyte/cve-2022-27255/blob/main/DEFCON/slides.pdf
Title: https://github.com/infobyte/cve-2022-27255/blob/main/DEFCON/slides.pdf

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/presentations/Realtek_SDK_SIP_Vulnerablity.pptx
Title: https://isc.sans.edu/presentations/Realtek_SDK_SIP_Vulnerablity.pptx

Search URL Search Domain Scan URL

URL: https://github.com/infobyte/cve-2022-27255
Title: https://github.com/infobyte/cve-2022-27255

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/diaryimages/exploit.pcap
Title: exploit.pcap

Search URL Search Domain Scan URL

URL: https://www.office.com/
Title: Office 365

Search URL Search Domain Scan URL

URL: https://gchq.github.io/CyberChef/
Title: CyberChef

Search URL Search Domain Scan URL

URL: http://www.ipss.ca/
Title: IPSS Inc.

Search URL Search Domain Scan URL

URL: https://handlers.sans.org/gbruneau/
Title: My Handler Page

Search URL Search Domain Scan URL

URL: https://twitter.com/guybruneau
Title: GuyBruneau

Search URL Search Domain Scan URL

URL: https://unit42.paloaltonetworks.com/atoms/monsterlibra/
Title: Monster Libra

Search URL Search Domain Scan URL

URL: https://threatresearch.ext.hp.com/svcready-a-new-loader-reveals-itself/
Title: SVCready

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/diary/IcedID+%28Bokbot%29+with+Dark+VNC+and+Cobalt+Strike/28884
Title: IcedID

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/diaryimages/images/2022-08-12-ISC-diary-image-01.jpg

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/diaryimages/images/2022-08-12-ISC-diary-image-02.jpg

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/diaryimages/images/2022-08-12-ISC-diary-image-03.jpg

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/diaryimages/images/2022-08-12-ISC-diary-image-04d.jpg

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/diaryimages/images/2022-08-12-ISC-diary-image-05.jpg

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/diaryimages/images/2022-08-12-ISC-diary-image-06.jpg

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/diaryimages/images/2022-08-12-ISC-diary-image-07.jpg

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/home/search
Title: VT

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/025d824f7fd062715efe4914065eb6026a0f1720256f03e18c652978ec9d6844
Title: 025d824f7fd062715efe4914065eb6026a0f1720256f03e18c652978ec9d6844

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/04042893124fdbf007cfdb673ef878ac9a47f37f871c1e5322ec46945915abc1
Title: 04042893124fdbf007cfdb673ef878ac9a47f37f871c1e5322ec46945915abc1

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/23b9a20a59041fc7d484957e49ffa7e0f6dba7dbbec0628a4adb69c2e05863ab
Title: 23b9a20a59041fc7d484957e49ffa7e0f6dba7dbbec0628a4adb69c2e05863ab

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/373856a75b78406d26cfbb41cbbba7041bad1e56a3304ba17376b294bc773eee
Title: 373856a75b78406d26cfbb41cbbba7041bad1e56a3304ba17376b294bc773eee

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/3af042bd0b5a186b98920cf0b7066344609d6d6deb163ffb0b60325dcca66e44
Title: 3af042bd0b5a186b98920cf0b7066344609d6d6deb163ffb0b60325dcca66e44

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/3b86f8aff12d2b32461a0b20f01f3d13ee062c80cb647ce09ff33f296b1f9e47
Title: 3b86f8aff12d2b32461a0b20f01f3d13ee062c80cb647ce09ff33f296b1f9e47

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/3c59aab375e8ebf7a3da914e7f1f38c6c54947b4c27c73c5c591ab27152dfe4d
Title: 3c59aab375e8ebf7a3da914e7f1f38c6c54947b4c27c73c5c591ab27152dfe4d

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/4f479dc5b981aadc01b1f245d8694b1ad043247f04148bbb78a86c8ed530b777
Title: 4f479dc5b981aadc01b1f245d8694b1ad043247f04148bbb78a86c8ed530b777

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/500b85d4e573f6e14e96c0a06e2d8fe15572c0eb97e3cc6d204d3416140d8a61
Title: 500b85d4e573f6e14e96c0a06e2d8fe15572c0eb97e3cc6d204d3416140d8a61

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/565c2dc637cfa658a2bf8263da58aac2492119ea8bfc4287742a34e3ef456f6f
Title: 565c2dc637cfa658a2bf8263da58aac2492119ea8bfc4287742a34e3ef456f6f

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/78c296d80214d887820a3c55bc06fbc42b17db90fb01aef0766365b383f1e7f1
Title: 78c296d80214d887820a3c55bc06fbc42b17db90fb01aef0766365b383f1e7f1

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/7ed7f3591ed5a7db3e12df16c9625bdc0367ebd5d6aab6d83a98bd5e40bf288f
Title: 7ed7f3591ed5a7db3e12df16c9625bdc0367ebd5d6aab6d83a98bd5e40bf288f

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/9cb01729327bd958e32aa9481d5a81303627ab7a59b9ae134fb6600ef4e5b680
Title: 9cb01729327bd958e32aa9481d5a81303627ab7a59b9ae134fb6600ef4e5b680

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/aabc9295e27a673dcfb902960b8196a561923cef78ddb061956cb627fcfa782c
Title: aabc9295e27a673dcfb902960b8196a561923cef78ddb061956cb627fcfa782c

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/abc8d1097f0249c749f2c7d7058be1b39c88e21d26d45d76985c989289565214
Title: abc8d1097f0249c749f2c7d7058be1b39c88e21d26d45d76985c989289565214

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/bc45389ee9779bf1c6ad66d8b25b4032212fbd5db0defd2e5443a27c1b7a4e80
Title: bc45389ee9779bf1c6ad66d8b25b4032212fbd5db0defd2e5443a27c1b7a4e80

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/bcd1525b0a107b809deb7cce89ae7b873681c14f3513d930b63f2b8739c76c4d
Title: bcd1525b0a107b809deb7cce89ae7b873681c14f3513d930b63f2b8739c76c4d

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/d297f78ca4fc35e899792260c98f752947f7d6b5999650a6210f4a8538a2e655
Title: d297f78ca4fc35e899792260c98f752947f7d6b5999650a6210f4a8538a2e655

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/d66a64e64a1d1b44ebcc854f04b1e175ccc93b61fff0f093394f6dcdcd785d82
Title: d66a64e64a1d1b44ebcc854f04b1e175ccc93b61fff0f093394f6dcdcd785d82

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/e9258541a5c96fcacb6a2ce349282db7e9403a16fa9f952e8f1f69929dda7abc
Title: e9258541a5c96fcacb6a2ce349282db7e9403a16fa9f952e8f1f69929dda7abc

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/6cbe0e1f046b13b29bfa26f8b368281d2dda7eb9b718651d5856f22cc3e02910
Title: 6cbe0e1f046b13b29bfa26f8b368281d2dda7eb9b718651d5856f22cc3e02910

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/8cd135e5b49d16aceb7665b6316cd4df2e132ef503ff0af51c080bad7010efd6
Title: 8cd135e5b49d16aceb7665b6316cd4df2e132ef503ff0af51c080bad7010efd6

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/5af2d2e245b36447fffff463b66164807f505dc9efcbe7fadfe4d450b1715c46
Title: 5af2d2e245b36447fffff463b66164807f505dc9efcbe7fadfe4d450b1715c46

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/1de8b101cf9f0fabc9f086bddb662c89d92c903c5db107910b3898537d4aa8e7
Title: 1de8b101cf9f0fabc9f086bddb662c89d92c903c5db107910b3898537d4aa8e7

Search URL Search Domain Scan URL

URL: https://bazaar.abuse.ch/sample/d45c78fa400b32c11443061dcd1c286d971881ddf35a47143e4d426a3ec6bffd
Title: d45c78fa400b32c11443061dcd1c286d971881ddf35a47143e4d426a3ec6bffd

Search URL Search Domain Scan URL

URL: https://www.sudo.ws/
Title: 1

Search URL Search Domain Scan URL

URL: https://nsudo.m2team.org/en-us/
Title: 2

Search URL Search Domain Scan URL

URL: https://keybase.io/xme/key.asc
Title: PGP Key

Search URL Search Domain Scan URL

URL: http://www.cafepress.com/stormcenter
Title: Buy SANS ISC Gear

Search URL Search Domain Scan URL

URL: https://creativecommons.org/licenses/by-nc-sa/4.0/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCfbOsqPmWg1H_34hTjKEW2A

Search URL Search Domain Scan URL

URL: https://twitter.com/sans_isc

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/groups?gid=35470

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.dshield.org/ 22 KB
8 KB 637ms
315ms Document
text/html 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

b3e9e23a63942a20e5e40c9a00e6a93157896898a0e166dcf6ded2946ab3a310

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
content-type: text/html; charset=UTF-8
date: Thu, 18 Aug 2022 13:21:53 GMT
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
permitted-cross-domain-policies: none
referrer-policy: same-origin
server: nginx
strict-transport-security: max-age=31556926; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: same
x-heyjason: SEC522 rocks
x-isc-cdn: 6704cb8852
x-xss-protection: 1; mode=block

GET
H2 200 screen.css
www.dshield.org/css/ 43 KB
44 KB 296ms
293ms Stylesheet
text/css 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/css/screen.css

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

928390f1456b9afe3617d487cf7bb481c6f8ea333e12236ab04f402d518438b2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:53 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 43658
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Mon, 08 Aug 2022 20:34:54 GMT
server: nginx
x-frame-options: same
etag: "aa8a-5e5c0bf9c8bdf"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: text/css
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

GET
H2 200 msft.css
www.dshield.org/css/ 573 B
1 KB 298ms
295ms Stylesheet
text/css 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/css/msft.css

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

883fc965030cbe4773ce84d1280c1672f55d09990049f749e393280d8924345d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:53 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 573
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:45 GMT
server: nginx
x-frame-options: same
etag: "23d-5da69f08a9af6"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: text/css
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

GET
H2 200 fontawesome.css
www.dshield.org/css/ 92 KB
93 KB 495ms
493ms Stylesheet
text/css 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/css/fontawesome.css

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

a078ca983c92c525fe69bba051f7c1d0937c47c2f701868b6eecd13a5efc4263

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:54 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 93940
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:45 GMT
server: nginx
x-frame-options: same
etag: "16ef4-5da69f0880abb"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: text/css
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

GET
H2 200 v3.css
www.dshield.org/css/ 34 KB
35 KB 296ms
293ms Stylesheet
text/css 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/css/v3.css

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

91342e6a65ee843f3edcfac2083df4dc1c09e2fec947b4372122a68118bed314

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:53 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 35129
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Sun, 14 Aug 2022 11:57:53 GMT
server: nginx
x-frame-options: same
etag: "8939-5e63239a8dfd1"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: text/css
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

GET
H2 200 bootstrap-modal.min.css
www.dshield.org/css/bootstrap-modal/ 5 KB
6 KB 299ms
296ms Stylesheet
text/css 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/css/bootstrap-modal/bootstrap-modal.min.css

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

f8e97c36779891ad251153beefb65310c9610d128bd05cb464865a248607ee1c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:53 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 4905
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:45 GMT
server: nginx
x-frame-options: same
etag: "1329-5da69f0872446"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: text/css
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

GET
H2 200 jquery-2.0.3.min.js Show response
www.dshield.org/js/ 82 KB
83 KB 495ms
493ms Script
application/javascript 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/js/jquery-2.0.3.min.js

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

3bb562814d366095a71523f38db3237ad925371b177599721ffeb923f867098a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:54 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 83614
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:52 GMT
server: nginx
x-frame-options: same
etag: "1469e-5da69f0ee1b7b"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: application/javascript; charset=utf-8
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

GET
H2 200 bootstrap.min.js Show response
www.dshield.org/js/bootstrap-modal/ 6 KB
7 KB 395ms
393ms Script
application/javascript 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/js/bootstrap-modal/bootstrap.min.js

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

80bab0fce06cce9b0d11d8d7c5762706523db4da59642f4722b0811a09da41b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:53 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 6601
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:51 GMT
server: nginx
x-frame-options: same
etag: "19c9-5da69f0eb3168"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: application/javascript; charset=utf-8
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

GET
H2 200 apn.js Show response
www.dshield.org/js/ 922 B
2 KB 290ms
288ms Script
application/javascript 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/js/apn.js

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

2d877bee53288d7332ca67d58ec7221ac15b9e535531102865a7b7303c1f876b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:53 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 922
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:51 GMT
server: nginx
x-frame-options: same
etag: "39a-5da69f0ead792"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: application/javascript; charset=utf-8
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

GET
H2 200 timezone.js Show response
www.dshield.org/js/ 815 B
2 KB 296ms
295ms Script
application/javascript 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/js/timezone.js

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

8bef3fd6e85e429b19bdee05e47e8eb79bd0e3881bed4284e9e2952f9f6dd9c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:53 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 815
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:56 GMT
server: nginx
x-frame-options: same
etag: "32f-5da69f1322560"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: application/javascript; charset=utf-8
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

GET
H2 200 jquery.min.js Show response
www.dshield.org/js/ 91 KB
92 KB 552ms
550ms Script
application/javascript 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/js/jquery.min.js

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

747eae63a811c625dd72dc301ab38ba2c6f0e75d2ebb4153e6acba9c7d4d04f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:54 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 93112
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:52 GMT
server: nginx
x-frame-options: same
etag: "16bb8-5da69f0eed312"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: application/javascript; charset=utf-8
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

GET
H2 200 homepage.js Show response
www.dshield.org/js/ 4 KB
5 KB 553ms
551ms Script
application/javascript 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/js/homepage.js

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

3da02ca12517c43a26d1abac27f4927c6d5252a22fcbbe030128db72ae5fc0fb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:54 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 4489
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 18 Aug 2022 01:26:54 GMT
server: nginx
x-frame-options: same
etag: "1189-5e679e06b4cb0"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: application/javascript; charset=utf-8
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

GET
H2 200 home.css
www.dshield.org/css/ 232 B
1 KB 295ms
294ms Stylesheet
text/css 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/css/home.css

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

b052ca028ace897abaebae2c63026a09d4de1896014b595d29d9381053964929

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:53 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 232
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:45 GMT
server: nginx
x-frame-options: same
etag: "e8-5da69f0887814"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: text/css
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

GET
H2 200 cc.png
www.dshield.org/images/ 461 B
1 KB 319ms
319ms Image
image/png 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dshield.org/images/cc.png

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

e822f0984efb293dbe344fe6134c9a295a10a3fa2ecbc1695594180bdd719e9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:54 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 461
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:46 GMT
server: nginx
x-frame-options: same
etag: "1cd-5da69f09c178b"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: image/png
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

GET
H2 200 main.js Show response
www.dshield.org/js/ 3 KB
4 KB 329ms
329ms Script
application/javascript 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/js/main.js

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

c1899f311a78162fb68fac938bb683ed222024a6e426f2a12d059e53dfb07578

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:54 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 3344
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:56 GMT
server: nginx
x-frame-options: same
etag: "d10-5da69f12e54cc"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: application/javascript; charset=utf-8
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

GET
H2 200 menu.js Show response
www.dshield.org/js/ 708 B
2 KB 326ms
326ms Script
application/javascript 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/js/menu.js

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

b5ac7ec5bde333441b767cc685f5e6084f9ba37ecc12f33d2af801a6fa5afc5b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:54 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 708
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Fri, 08 Jul 2022 20:12:59 GMT
server: nginx
x-frame-options: same
etag: "2c4-5e350d41b8c3a"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: application/javascript; charset=utf-8
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

POST
H2 200 cspreport.html
isc.sans.edu/ 0
0 461ms
243ms Other
text/html 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://isc.sans.edu/cspreport.html
Requested by: Host: www.dshield.org
URL: https://www.dshield.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/csp-report

Response headers

GET gtm.js
www.googletagmanager.com/ 0
0

POST
H2 200 cspreport.html
isc.sans.edu/ 0
0 158ms
158ms Other
text/html 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://isc.sans.edu/cspreport.html
Requested by: Host: www.dshield.org
URL: https://www.dshield.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.31.34 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/csp-report

Response headers

GET count.js
isc.sans.edu/js/ 0
0

GET
H2 200 poppins-regular.ttf
www.dshield.org/webfonts/ 16 KB
17 KB 314ms
313ms Font
application/font-sfnt 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/webfonts/poppins-regular.ttf

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/css/v3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

66807e8e108c648c970aeace0886706f8c95c616f036529a4b628525208f18e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dshield.org/css/v3.css
Origin: https://www.dshield.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:54 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 16148
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Fri, 08 Jul 2022 20:12:59 GMT
server: nginx
x-frame-options: same
etag: "3f14-5e350d41e7a2f"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: application/font-sfnt
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

GET
H2 200 open-sans-700.ttf
www.dshield.org/webfonts/ 31 KB
32 KB 313ms
313ms Font
application/font-sfnt 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/webfonts/open-sans-700.ttf

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/css/v3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

68151e32200f64f60f412bbc3ccde917a5fadb2f1a464cf7b3b77fd7675e6afc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dshield.org/css/v3.css
Origin: https://www.dshield.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:54 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 31420
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Fri, 08 Jul 2022 20:12:59 GMT
server: nginx
x-frame-options: same
etag: "7abc-5e350d41e4768"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: application/font-sfnt
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

GET
H2 200 open-sans-regular.ttf
www.dshield.org/webfonts/ 31 KB
32 KB 312ms
311ms Font
application/font-sfnt 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/webfonts/open-sans-regular.ttf

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/css/v3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

18b7e49a6696c5a278ac77eb98149048d0819df63ac265a2cf3abb26914d57c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dshield.org/css/v3.css
Origin: https://www.dshield.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:54 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 31380
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Fri, 08 Jul 2022 20:12:59 GMT
server: nginx
x-frame-options: same
etag: "7a94-5e350d41e5ed7"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: application/font-sfnt
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

GET
H2 200 clear-sans-medium.ttf
www.dshield.org/webfonts/ 306 KB
307 KB 314ms
314ms Font
application/font-sfnt 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/webfonts/clear-sans-medium.ttf

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/css/v3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

93677acbadea77e254b491589812f1e218a97adcd10a4957622b8c7a86e14181

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dshield.org/css/v3.css
Origin: https://www.dshield.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:54 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 313308
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Fri, 08 Jul 2022 20:12:59 GMT
server: nginx
x-frame-options: same
etag: "4c7dc-5e350d41e10bb"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: application/font-sfnt
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10b325a392531c8e79d4ccaddebcd159fd21ceb66bbb05748a97f16bc4166fa5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 719 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc9ae7d497329a5eca73e21429b751949aad15855cd77d1b29f9224b0857eddf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 506 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b927ed2eff7fca9c6f9224dd8cda6ae9194dd66321cb09474b079fff8caeef60

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 778 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f335fe583fdad5c70b6c71499a736ce7de3e5d40a496ef092cef2e0e331538e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 handler Show response
www.dshield.org/api/diarypage/7/100000/ 42 KB
43 KB 607ms
606ms XHR
text/json 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/api/diarypage/7/100000/handler?json

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

18c687470c0c80d13852ba66814b49535738a3492e1df5cb6cbc8af764cd2868

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.dshield.org/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
randomness: e498df72a88cc8af
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
pragma: no-cache
referrer-policy: same-origin
last-modified: Thu, 18 Aug 2022 13:11:55 +0000
server: nginx
x-frame-options: same, SAMEORIGIN
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: text/json;charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=600
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
expires: Thu, 18 Aug 2022 13:31:55 +0000

GET
H2 200 80000 Show response
www.dshield.org/api/podcastpage/7/ 7 KB
8 KB 5448ms
5448ms XHR
text/json 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/api/podcastpage/7/80000?json

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

2213e950a943052ecb6a7b46e3b1bb7eced86b30d65f9dcdd4fd007784f1c9cf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.dshield.org/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:22:00 GMT
x-content-type-options: nosniff
randomness: 7be5b7894244fae301f
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 7433
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 18 Aug 2022 13:12:00 +0000
server: nginx
x-frame-options: same, SAMEORIGIN
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: text/json;charset=UTF-8
access-control-allow-origin: *
expires: Thu, 18 Aug 2022 13:32:00 +0000
cache-control: s-maxage=600
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
pragma: no-cache

GET
H2 200 7 Show response
www.dshield.org/api/jobs/ 87 KB
88 KB 519ms
519ms XHR
text/json 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dshield.org/api/jobs/7?json

Requested by

Host: www.dshield.org
URL: https://www.dshield.org/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

27e506124d7970e52e90ad84cf45231a26c40d2093e86136654c8ac34a25d1b6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.dshield.org/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
randomness: 8e1f61152eae5a7a
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
pragma: no-cache
referrer-policy: same-origin
last-modified: Thu, 18 Aug 2022 13:11:55 +0000
server: nginx
x-frame-options: same, SAMEORIGIN
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: text/json;charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=600
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
expires: Thu, 18 Aug 2022 13:31:55 +0000

GET
H2 200 johannes-ullrich.jpg
www.dshield.org/images/design/custom/headshots/ 16 KB
17 KB 324ms
315ms Image
image/jpeg 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dshield.org/images/design/custom/headshots/johannes-ullrich.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

ca4e2005ddb23641869230f7a9a0de0cf8d40c62162249422478ec7e6300e568

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 16772
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:46 GMT
server: nginx
x-frame-options: same
etag: "4184-5da69f09eda8a"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: image/jpeg
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

GET
H2 200 Screen%20Shot%202022-08-17%20at%208_09_55%20AM.png
isc.sans.edu/diaryimages/images/ 9 KB
10 KB 428ms
211ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/Screen%20Shot%202022-08-17%20at%208_09_55%20AM.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

4e19283ccfa5529eee1a66aa853a1e791e94c4c311c5c6623784792f42dfd4b0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-71697991 2CNN RT(1660828915326 109) q(0 0 0 -1) r(0 0)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 9586
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 17 Aug 2022 12:20:38 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "6bfe-5e66ee48733ce"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=3529, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:20:44 GMT

GET
H2 200 20220816-144349.png
isc.sans.edu/diaryimages/images/ 7 KB
7 KB 426ms
208ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20220816-144349.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

4747e579c7993e9920020842789e63c4860252825623426c331f412462f2a045

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-0 0cNN RT(1660828915326 113) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 6858
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 16 Aug 2022 13:05:18 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "424c-5e65b6675c156"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=1, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 13:21:56 GMT

GET
H2 200 20220816-144408.png
isc.sans.edu/diaryimages/images/ 22 KB
23 KB 321ms
104ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20220816-144408.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

257f76f771ac763499be6875b3e4319596c9c477589897c0411e9e619bcec7d5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-0 0cNN RT(1660828915326 111) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 22641
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 16 Aug 2022 13:06:05 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "f0b4-5e65b693af312"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=1, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 13:21:56 GMT

GET
H2 200 20220816-144420.png
isc.sans.edu/diaryimages/images/ 13 KB
14 KB 526ms
310ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20220816-144420.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

1535a9d5f783c3e0dc7dee187e5d92b9b2a8e59cd019e8a948d300ae4a5065e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-71700160 2CNN RT(1660828915326 115) q(0 0 0 -1) r(0 0)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 13673
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 16 Aug 2022 13:06:46 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "b239-5e65b6bb045a5"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2450, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:02:45 GMT

GET
H2 200 20220816-144432.png
isc.sans.edu/diaryimages/images/ 12 KB
12 KB 524ms
307ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20220816-144432.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

66284c3a67c30e00475d7620469a9a4f838607fb91a6ee251936e730bb244cff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-71698137 2CNN RT(1660828915326 114) q(0 0 0 -1) r(0 0)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 12297
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 16 Aug 2022 13:07:06 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "7edf-5e65b6ce21a36"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2450, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:02:45 GMT

GET
H2 200 20220816-144844.png
isc.sans.edu/diaryimages/images/ 14 KB
14 KB 628ms
412ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20220816-144844.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

1ac3e55eecfcd1956d5372b631db28b5b80e3a5925f1c6481077df6944c85619

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-71700195 2CNN RT(1660828915326 207) q(0 0 0 -1) r(0 0)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 14386
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 16 Aug 2022 13:07:31 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "8525-5e65b6e5911e2"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2450, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:02:45 GMT

GET
H2 200 20220816-145103.png
isc.sans.edu/diaryimages/images/ 18 KB
18 KB 527ms
311ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20220816-145103.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

016cc93dc0c81d5f65f9afd80e68a35f9d06930b2e0d21a1e779378ce51261ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-71706736 2CNN RT(1660828915326 117) q(0 0 0 -1) r(0 0)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 18034
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 16 Aug 2022 13:09:31 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "e9ab-5e65b75851add"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2431, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:02:26 GMT

GET
H2 200 20220816-145134.png
isc.sans.edu/diaryimages/images/ 8 KB
8 KB 527ms
310ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20220816-145134.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

48e91d7404eab1e3ef0465f72688cce546352ef094c1355e7f06f59806e5ae44

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-71698054 2CNN RT(1660828915326 116) q(0 0 0 -1) r(0 0)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 7706
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 16 Aug 2022 13:10:20 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "4811-5e65b786abd2d"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2450, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:02:45 GMT

GET
H2 200 20220816-145225.png
isc.sans.edu/diaryimages/images/ 7 KB
7 KB 516ms
300ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20220816-145225.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

15eea93e6dd864ca6a0674c82e8c69c15753ca2feae5b52cd1622a3019bb5cf7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-0 0cNN RT(1660828915326 116) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 6895
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 16 Aug 2022 13:11:02 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "38b1-5e65b7aea0c65"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=1, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 13:21:56 GMT

GET
H2 200 20220816-145249.png
isc.sans.edu/diaryimages/images/ 8 KB
8 KB 626ms
411ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20220816-145249.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

31ca6e893c4b2c00d5b70c14784091f62ad4c318ff0584a367d28c938c6287f7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-0 0cNN RT(1660828915326 211) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 7954
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 16 Aug 2022 13:11:24 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "49a5-5e65b7c3c4001"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=1, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 13:21:56 GMT

GET
H2 200 20220816-145314.png
isc.sans.edu/diaryimages/images/ 34 KB
35 KB 616ms
401ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20220816-145314.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

ee79f6d0d0dfcd3e080d0ac7fd6c87e6e4cc799c4d4bd88180ea3a64af3f922a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-0 0cNN RT(1660828915326 209) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 35300
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 16 Aug 2022 13:12:01 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "147f0-5e65b7e7a159e"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=1, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 13:21:56 GMT

GET
H2 200 20220816-145552.png
isc.sans.edu/diaryimages/images/ 11 KB
12 KB 1050ms
834ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20220816-145552.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

cd30ae4a4428a90a98b45878b83806a2be9dafa0e7c6b51ab28641bef703a36d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:56 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-71698137 2CNN RT(1660828915326 209) q(0 0 0 -1) r(5 5)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 11747
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 16 Aug 2022 13:13:27 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "72dd-5e65b8397b384"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2450, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:02:46 GMT

GET
H2 200 20220816-145617.png
isc.sans.edu/diaryimages/images/ 20 KB
21 KB 628ms
413ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20220816-145617.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

dcb2913439530f1c8606b006eaad415edbde02bcca47eea7b4c5d85c1a10ed56

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-71697991 2CNN RT(1660828915326 208) q(0 0 0 -1) r(0 0)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 20850
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 16 Aug 2022 13:14:17 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "f321-5e65b868a6795"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2431, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:02:26 GMT

GET
H2 200 20220816-145638.png
isc.sans.edu/diaryimages/images/ 6 KB
6 KB 1052ms
837ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20220816-145638.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

5b25f10abb3aef248d869c8a072ad8e13c728565089f8a556afdd01b8a5cbbaf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:56 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-71700195 2CNN RT(1660828915326 214) q(0 2 2 -1) r(5 5)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 6261
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 16 Aug 2022 13:16:04 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "3323-5e65b8ceb375c"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2450, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:02:46 GMT

GET
H2 200 20220816-150336.png
isc.sans.edu/diaryimages/images/ 31 KB
31 KB 1051ms
836ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20220816-150336.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

5e0e93f1daaa09d2a541b9d7394107674982e1866f9a57b0aa0d4abdb663cb47

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:56 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-71706736 2CNN RT(1660828915326 213) q(0 1 1 -1) r(5 5)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 31296
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 16 Aug 2022 13:16:19 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "c9c9-5e65b8dd39f21"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2449, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:02:45 GMT

GET
H2 200 20220816-150253.png
isc.sans.edu/diaryimages/images/ 7 KB
7 KB 1050ms
835ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20220816-150253.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

f03ae6c5f1db379acf38f6105d0ba27abe5498dc10670bfd17f508620c3e45e2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:56 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-71698054 2CNN RT(1660828915326 212) q(0 1 1 -1) r(5 5)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 6797
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 16 Aug 2022 13:18:25 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "35f3-5e65b9559f326"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2450, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:02:46 GMT

GET
H2 200 20220816-150355.png
isc.sans.edu/diaryimages/images/ 35 KB
36 KB 1053ms
839ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20220816-150355.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

9e728c3de6775653292b78ca183a95ff031e8865375f17d27f44a54b6a5de47b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:56 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-71707831 2CNN RT(1660828915326 212) q(0 1 5 -1) r(5 5)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 36203
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 16 Aug 2022 13:18:40 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "eb59-5e65b96371c07"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2449, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:02:45 GMT

GET
H2 200 20220816-150409.png
isc.sans.edu/diaryimages/images/ 35 KB
37 KB 1057ms
843ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20220816-150409.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

3b085bf74df5725b7c9758aa4d242891a4eda8deedb64eb7dcea157c9c1a2fac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:56 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-71706736 2CNN RT(1660828915326 216) q(0 5 5 -1) r(5 5)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 36216
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 16 Aug 2022 13:19:14 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "ed76-5e65b9844fa92"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2449, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:02:45 GMT

GET
H2 200 20220816-150433.png
isc.sans.edu/diaryimages/images/ 16 KB
16 KB 1052ms
837ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/20220816-150433.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

852cc55df40883876c18ee26f595367d3d21f8bf0b562db7a2a76c5240b8b500

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:56 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-71707828 2CNN RT(1660828915326 216) q(0 2 2 -1) r(5 5)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 16246
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 16 Aug 2022 13:20:25 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "dd4e-5e65b9c77adf2"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2450, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:02:46 GMT

GET
H2 200 didier-stevens.jpg
www.dshield.org/images/design/custom/headshots/ 4 KB
5 KB 322ms
316ms Image
image/jpeg 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dshield.org/images/design/custom/headshots/didier-stevens.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

1f40e84bb8c3fe5aa328c1dbd48a6658c2fc3bcefd4e93de0d43814e970bd1bf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 4159
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:46 GMT
server: nginx
x-frame-options: same
etag: "103f-5da69f09e55c0"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: image/jpeg
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

GET
H2 200 voicemail_attachment.PNG
isc.sans.edu/diaryimages/images/ 3 KB
3 KB 716ms
502ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/voicemail_attachment.PNG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

5696ba07b4648fb7c6a9183eef752adf2816110e87c394178a619dfc96836512

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-0 0CNN RT(1660828915326 215) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 3156
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 13 Aug 2022 16:51:01 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "d47-5e6223429f1f9"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2329, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:00:44 GMT

GET
H2 200 voicemail1.png
isc.sans.edu/diaryimages/images/ 19 KB
20 KB 628ms
415ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/voicemail1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

c8d94a00aa8207ad1b2fc05929af1533bf504dfc3260f98f7bfb016aa54602ee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-0 0CNN RT(1660828915326 214) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 19272
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 13 Aug 2022 16:51:52 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "ae87-5e622372a9271"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2329, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:00:44 GMT

GET
H2 200 voicemail_base64.PNG
isc.sans.edu/diaryimages/images/ 53 KB
54 KB 733ms
519ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/voicemail_base64.PNG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

51c435dbde41a340e749cd067bcf4897673f8c43a3257ec45eb70cfa61867348

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-0 0CNN RT(1660828915326 219) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 54564
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 13 Aug 2022 16:53:09 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "1c568-5e6223bc63eea"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2330, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:00:45 GMT

GET
H2 200 voicemail2.png
isc.sans.edu/diaryimages/images/ 20 KB
20 KB 730ms
517ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/voicemail2.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

41c6f29862e18f3d2c7899d0fcc26a50ba39798665839e2e219c7ce9c9e32e27

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-0 0CNN RT(1660828915326 218) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 20032
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 13 Aug 2022 16:55:11 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "5e73-5e6224301b6f1"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2330, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:00:45 GMT

GET
H2 200 guy-bruneau.jpg
www.dshield.org/images/design/custom/headshots/ 2 KB
3 KB 325ms
321ms Image
image/jpeg 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dshield.org/images/design/custom/headshots/guy-bruneau.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

bfe54b53c2c41fb4d600f4c2c21aaf0316cb3c150c75acfd3c3f82ce2d3d40e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 2506
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:46 GMT
server: nginx
x-frame-options: same
etag: "9ca-5da69f09e9c04"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: image/jpeg
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

GET
H2 200 2022-08-12-ISC-diary-image-01a.jpg
isc.sans.edu/diaryimages/images/ 224 KB
225 KB 725ms
512ms Image
image/jpeg 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/2022-08-12-ISC-diary-image-01a.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

3034a62ad92170fabbc702017d79ef0e633d5da2b15efeb2e0109225f789a486

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-0 0CNN RT(1660828915326 218) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 229872
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 11 Aug 2022 21:17:38 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "4412a-5e5fdb1f57db8"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/jpeg
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2289, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:00:04 GMT

GET
H2 200 2022-08-12-ISC-diary-image-02a.jpg
isc.sans.edu/diaryimages/images/ 138 KB
139 KB 717ms
505ms Image
image/jpeg 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/2022-08-12-ISC-diary-image-02a.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

5b7d63e32b05364adbca298d461c745ddaeb001482461c97bea54d9865690d27

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-0 0CNN RT(1660828915326 217) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 141347
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 11 Aug 2022 21:45:21 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "2a1ed-5e5fe15122b83"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/jpeg
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2293, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:00:08 GMT

GET
H2 200 2022-08-12-ISC-diary-image-03b.jpg
isc.sans.edu/diaryimages/images/ 221 KB
222 KB 831ms
618ms Image
image/jpeg 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/2022-08-12-ISC-diary-image-03b.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

42e1db70daa085aabed8feab1d04b0bc67bf544565c285785d173879c2d90b84

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-0 0CNN RT(1660828915326 223) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 226346
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 11 Aug 2022 22:09:19 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "3d23a-5e5fe6ac30365"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/jpeg
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2289, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:00:04 GMT

GET
H2 200 2022-08-12-ISC-diary-image-04e.jpg
isc.sans.edu/diaryimages/images/ 161 KB
161 KB 828ms
616ms Image
image/jpeg 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/2022-08-12-ISC-diary-image-04e.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

e23226cdae247f779c7161c51993447183f9db727c7a3eaf50176137c7378c99

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-0 0CNN RT(1660828915326 222) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 164850
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 11 Aug 2022 23:12:57 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "2e716-5e5ff4e5d2a62"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/jpeg
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2290, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:00:05 GMT

GET
H2 200 2022-08-12-ISC-diary-image-05a.jpg
isc.sans.edu/diaryimages/images/ 366 KB
367 KB 825ms
613ms Image
image/jpeg 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/2022-08-12-ISC-diary-image-05a.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

89c5c22f6288fd3777d339c10269f2fea06531fe7df75ea9e50b5bc8323fa8a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-0 0CNN RT(1660828915326 222) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 375143
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 11 Aug 2022 23:14:59 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "69a82-5e5ff55992549"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/jpeg
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2294, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:00:09 GMT

GET
H2 200 2022-08-12-ISC-diary-image-06a.jpg
isc.sans.edu/diaryimages/images/ 598 KB
598 KB 819ms
607ms Image
image/jpeg 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/2022-08-12-ISC-diary-image-06a.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

f14cd3838122912769720d925707aa273c7858138621053ac81056d15b5ef677

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-0 0CNN RT(1660828915326 220) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 612048
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 11 Aug 2022 23:43:41 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "b1477-5e5ffbc475ce4"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/jpeg
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2293, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:00:08 GMT

GET
H2 200 2022-08-12-ISC-diary-image-07a.jpg
isc.sans.edu/diaryimages/images/ 620 KB
621 KB 928ms
716ms Image
image/jpeg 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/2022-08-12-ISC-diary-image-07a.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

a621f2443a50b045bd58a7a1bf8f205d011a6d3eb2e59734dfe2360ae654cf89

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-0 0CNN RT(1660828915326 226) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 634859
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 11 Aug 2022 23:45:17 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "b959d-5e5ffc1ff3314"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/jpeg
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=2295, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 14:00:10 GMT

GET
H2 200 brad-duncan.jpg
www.dshield.org/images/design/custom/headshots/ 4 KB
5 KB 321ms
318ms Image
image/jpeg 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dshield.org/images/design/custom/headshots/brad-duncan.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

c9279f0a089e9d767d5b6df42bbfdc1354817b1a03fed49e62fdc4518d338e8e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 4012
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:46 GMT
server: nginx
x-frame-options: same
etag: "fac-5da69f09e2abd"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: image/jpeg
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

GET
H2 200 isc-20220811-1.png
isc.sans.edu/diaryimages/images/ 6 KB
6 KB 923ms
711ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/isc-20220811-1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

0446974b9a620865605a4b4a069c785d4074b91626de082693d38e9919b45a7f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-0 0CNN RT(1660828915326 225) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 6154
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 11 Aug 2022 06:05:05 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "2016-5e5f0f26c146b"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=5909, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 15:00:24 GMT

GET
H2 200 isc-20220811-2.png
isc.sans.edu/diaryimages/images/ 86 KB
87 KB 916ms
705ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/isc-20220811-2.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

094e573149b449b401bddccb6f613f174aab9413abccdbbc051518e7a67b31cd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-0 0CNN RT(1660828915326 225) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 88129
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 11 Aug 2022 06:07:18 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "17595-5e5f0fa52dbd9"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=5909, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 15:00:24 GMT

GET
H2 200 isc-20220811-3.png
isc.sans.edu/diaryimages/images/ 245 KB
245 KB 832ms
620ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/isc-20220811-3.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

2b833f716ba3c8fb9c8c6596929854293fb59cb038d798c7f01bb470dd77f880

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-0 0CNN RT(1660828915326 224) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 250651
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 11 Aug 2022 06:09:00 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "4d16c-5e5f1006f3436"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=5909, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 15:00:24 GMT

GET
H2 200 isc-20220811-4.png
isc.sans.edu/diaryimages/images/ 59 KB
60 KB 943ms
732ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/isc-20220811-4.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

fd6a696a70605c76e0180f6f23a9c33dc0fd42e8c23e04730fc8ff3ba261b79e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-0 0CNN RT(1660828915326 228) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 60537
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 11 Aug 2022 06:10:11 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "13cea-5e5f104a0249e"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=5908, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 15:00:23 GMT

GET
H2 200 isc-20220811-5.png
isc.sans.edu/diaryimages/images/ 55 KB
55 KB 936ms
725ms Image
image/png 45.60.31.34
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://isc.sans.edu/diaryimages/images/isc-20220811-5.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.34 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

nc -l -p 80 /

Resource Hash

3a3998882dd58219ad9727234ba69f6c078d91f881814b34f0fc2b1dab40d98f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 11-71707758-0 0CNN RT(1660828915326 227) q(0 -1 -1 -1) r(0 -1)
permitted-cross-domain-policies: none
x-heyjason: DEV522 rocks
content-length: 56395
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 11 Aug 2022 06:15:33 GMT
server: nc -l -p 80
x-frame-options: SAMEORIGIN
etag: "111b4-5e5f117d1d26c"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubDomains
content-type: image/png
x-do-not-hack: 18 U.S.C. Parag 1030
cache-control: max-age=5909, public
content-security-policy: default-src 'self'; script-src https://isc.sans.edu 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self'; media-src 'self' https://traffic.libsyn.com https://hwcdn.libsyn.com https://content.libsyn.com; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; worker-src 'none'; frame-ancestors https://isc.sans.edu https://www.dshield.org https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; disown-opener; reflected-xss block; manifest-src 'self' https://isc.sans.edu; referrer origin-when-cross-origin; report-uri https://isc.sans.edu/cspreport.html;
expires: Thu, 18 Aug 2022 15:00:24 GMT

GET
H2 200 xavier-mertens.jpg
www.dshield.org/images/design/custom/headshots/ 3 KB
4 KB 321ms
319ms Image
image/jpeg 159.223.154.178
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dshield.org/images/design/custom/headshots/xavier-mertens.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

159.223.154.178 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

mail2.dshield.org

Software

nginx /

Resource Hash

f7ccdf7d534e1794156339ac61f77275e2426dbe5244e144886254c3053a3249

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dshield.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 13:21:55 GMT
x-content-type-options: nosniff
permitted-cross-domain-policies: none
x-heyjason: SEC522 rocks
content-length: 3248
x-xss-protection: 1; mode=block
x-isc-cdn: 6704cb8852
referrer-policy: same-origin
last-modified: Thu, 17 Mar 2022 13:23:47 GMT
server: nginx
x-frame-options: same
etag: "cb0-5da69f0a110ef"
expect-ct: max-age=0, report-uri="https://isc.sans.edu/cspreport.html"
strict-transport-security: max-age=31556926; includeSubdomains; preload
content-type: image/jpeg
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
accept-ranges: bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T9DW3B

Domain: isc.sans.edu
URL: https://isc.sans.edu/js/count.js

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.dshield.org/	1969-12-31 23:59:59	Name: __Secure-dshield Value: dgjecn0cqprf0c4jb8njnuk3e7
www.dshield.org/	1969-12-31 23:59:59	Name: sessionhash Value: 9388c5d30d42e5b2924a40cdb9fc91e5ab8f03cd3788a7428c4787c8936e752c
.sans.edu/	1970-01-20 14:05:39	Name: visid_incap_2188750 Value: DKJLWt+2TRyeO2nm5ZbqcPQ8/mIAAAAAQUIPAAAAAAAltEWO8HngxErkbWlNop2W
.sans.edu/	1969-12-31 23:59:59	Name: incap_ses_891_2188750 Value: iYkzHGGtmm+FhMvSenhdDPQ8/mIAAAAABRHM+3ka4+hEkjqhNUXGVA==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.dshield.org/(Line 5) Message: Refused to load the script 'https://www.googletagmanager.com/gtm.js?id=GTM-5T9DW3B' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.dshield.org/ Message: Refused to load the script 'https://isc.sans.edu/js/count.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' https://isc.sans.edu data:; font-src https://fonts.gstatic.com data: 'self'; connect-src 'self'; media-src 'self'; object-src 'none'; child-src 'self' https://www.sans.org; frame-src 'self' https://www.sans.org https://www.youtube.com; frame-ancestors 'self' https://www.sans.org; form-action 'self'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://isc.sans.edu/cspreport.html; manifest-src self https://isc.sans.edu;
Strict-Transport-Security	max-age=31556926; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	same
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

isc.sans.edu
www.dshield.org
www.googletagmanager.com
isc.sans.edu
www.googletagmanager.com
159.223.154.178
45.60.31.34
016cc93dc0c81d5f65f9afd80e68a35f9d06930b2e0d21a1e779378ce51261ae
0446974b9a620865605a4b4a069c785d4074b91626de082693d38e9919b45a7f
094e573149b449b401bddccb6f613f174aab9413abccdbbc051518e7a67b31cd
10b325a392531c8e79d4ccaddebcd159fd21ceb66bbb05748a97f16bc4166fa5
1535a9d5f783c3e0dc7dee187e5d92b9b2a8e59cd019e8a948d300ae4a5065e1
15eea93e6dd864ca6a0674c82e8c69c15753ca2feae5b52cd1622a3019bb5cf7
18b7e49a6696c5a278ac77eb98149048d0819df63ac265a2cf3abb26914d57c3
18c687470c0c80d13852ba66814b49535738a3492e1df5cb6cbc8af764cd2868
1ac3e55eecfcd1956d5372b631db28b5b80e3a5925f1c6481077df6944c85619
1f40e84bb8c3fe5aa328c1dbd48a6658c2fc3bcefd4e93de0d43814e970bd1bf
2213e950a943052ecb6a7b46e3b1bb7eced86b30d65f9dcdd4fd007784f1c9cf
257f76f771ac763499be6875b3e4319596c9c477589897c0411e9e619bcec7d5
27e506124d7970e52e90ad84cf45231a26c40d2093e86136654c8ac34a25d1b6
2b833f716ba3c8fb9c8c6596929854293fb59cb038d798c7f01bb470dd77f880
2d877bee53288d7332ca67d58ec7221ac15b9e535531102865a7b7303c1f876b
3034a62ad92170fabbc702017d79ef0e633d5da2b15efeb2e0109225f789a486
31ca6e893c4b2c00d5b70c14784091f62ad4c318ff0584a367d28c938c6287f7
3a3998882dd58219ad9727234ba69f6c078d91f881814b34f0fc2b1dab40d98f
3b085bf74df5725b7c9758aa4d242891a4eda8deedb64eb7dcea157c9c1a2fac
3bb562814d366095a71523f38db3237ad925371b177599721ffeb923f867098a
3da02ca12517c43a26d1abac27f4927c6d5252a22fcbbe030128db72ae5fc0fb
41c6f29862e18f3d2c7899d0fcc26a50ba39798665839e2e219c7ce9c9e32e27
42e1db70daa085aabed8feab1d04b0bc67bf544565c285785d173879c2d90b84
4747e579c7993e9920020842789e63c4860252825623426c331f412462f2a045
48e91d7404eab1e3ef0465f72688cce546352ef094c1355e7f06f59806e5ae44
4e19283ccfa5529eee1a66aa853a1e791e94c4c311c5c6623784792f42dfd4b0
51c435dbde41a340e749cd067bcf4897673f8c43a3257ec45eb70cfa61867348
5696ba07b4648fb7c6a9183eef752adf2816110e87c394178a619dfc96836512
5b25f10abb3aef248d869c8a072ad8e13c728565089f8a556afdd01b8a5cbbaf
5b7d63e32b05364adbca298d461c745ddaeb001482461c97bea54d9865690d27
5e0e93f1daaa09d2a541b9d7394107674982e1866f9a57b0aa0d4abdb663cb47
5f335fe583fdad5c70b6c71499a736ce7de3e5d40a496ef092cef2e0e331538e
66284c3a67c30e00475d7620469a9a4f838607fb91a6ee251936e730bb244cff
66807e8e108c648c970aeace0886706f8c95c616f036529a4b628525208f18e8
68151e32200f64f60f412bbc3ccde917a5fadb2f1a464cf7b3b77fd7675e6afc
747eae63a811c625dd72dc301ab38ba2c6f0e75d2ebb4153e6acba9c7d4d04f0
80bab0fce06cce9b0d11d8d7c5762706523db4da59642f4722b0811a09da41b8
852cc55df40883876c18ee26f595367d3d21f8bf0b562db7a2a76c5240b8b500
883fc965030cbe4773ce84d1280c1672f55d09990049f749e393280d8924345d
89c5c22f6288fd3777d339c10269f2fea06531fe7df75ea9e50b5bc8323fa8a6
8bef3fd6e85e429b19bdee05e47e8eb79bd0e3881bed4284e9e2952f9f6dd9c0
91342e6a65ee843f3edcfac2083df4dc1c09e2fec947b4372122a68118bed314
928390f1456b9afe3617d487cf7bb481c6f8ea333e12236ab04f402d518438b2
93677acbadea77e254b491589812f1e218a97adcd10a4957622b8c7a86e14181
9e728c3de6775653292b78ca183a95ff031e8865375f17d27f44a54b6a5de47b
a078ca983c92c525fe69bba051f7c1d0937c47c2f701868b6eecd13a5efc4263
a621f2443a50b045bd58a7a1bf8f205d011a6d3eb2e59734dfe2360ae654cf89
b052ca028ace897abaebae2c63026a09d4de1896014b595d29d9381053964929
b3e9e23a63942a20e5e40c9a00e6a93157896898a0e166dcf6ded2946ab3a310
b5ac7ec5bde333441b767cc685f5e6084f9ba37ecc12f33d2af801a6fa5afc5b
b927ed2eff7fca9c6f9224dd8cda6ae9194dd66321cb09474b079fff8caeef60
bfe54b53c2c41fb4d600f4c2c21aaf0316cb3c150c75acfd3c3f82ce2d3d40e4
c1899f311a78162fb68fac938bb683ed222024a6e426f2a12d059e53dfb07578
c8d94a00aa8207ad1b2fc05929af1533bf504dfc3260f98f7bfb016aa54602ee
c9279f0a089e9d767d5b6df42bbfdc1354817b1a03fed49e62fdc4518d338e8e
ca4e2005ddb23641869230f7a9a0de0cf8d40c62162249422478ec7e6300e568
cc9ae7d497329a5eca73e21429b751949aad15855cd77d1b29f9224b0857eddf
cd30ae4a4428a90a98b45878b83806a2be9dafa0e7c6b51ab28641bef703a36d
dcb2913439530f1c8606b006eaad415edbde02bcca47eea7b4c5d85c1a10ed56
e23226cdae247f779c7161c51993447183f9db727c7a3eaf50176137c7378c99
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e822f0984efb293dbe344fe6134c9a295a10a3fa2ecbc1695594180bdd719e9f
ee79f6d0d0dfcd3e080d0ac7fd6c87e6e4cc799c4d4bd88180ea3a64af3f922a
f03ae6c5f1db379acf38f6105d0ba27abe5498dc10670bfd17f508620c3e45e2
f14cd3838122912769720d925707aa273c7858138621053ac81056d15b5ef677
f7ccdf7d534e1794156339ac61f77275e2426dbe5244e144886254c3053a3249
f8e97c36779891ad251153beefb65310c9610d128bd05cb464865a248607ee1c
fd6a696a70605c76e0180f6f23a9c33dc0fd42e8c23e04730fc8ff3ba261b79e

www.dshield.org Open in urlscan Pro 159.223.154.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

67 Requests

97 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

4152 kBTransfer

4125 kBSize

4 Cookies

65 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.dshield.org Open in urlscan Pro
159.223.154.178 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

97 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

4152 kB
Transfer

4125 kB
Size

4
Cookies

67 HTTP transactions
4 data transactions