www.mandiant.com Open in urlscan Pro
2606:4700:300b::a29f:f17d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.mandiant.com/resources/blog/wannacry-malware-profile
Submission: On October 05 via manual (October 5th 2023, 3:23:53 pm UTC) from SG — Scanned from SG

Summary HTTP 106 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 32 IPs in 4 countries across 27 domains to perform 106 HTTP transactions. The main IP is 2606:4700:300b::a29f:f17d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mandiant.com. The Cisco Umbrella rank of the primary domain is 487734.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 2nd 2023. Valid for: a year.

This is the only time www.mandiant.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	2606:4700:300... 2606:4700:300b::a29f:f17d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4003:c05::5f	15169 (GOOGLE) (GOOGLE)
12	2404:6800:400... 2404:6800:4003:c04::5e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e6:... 2606:4700:e6::ac40:cb0b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2404:6800:400... 2404:6800:4003:c04::69	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4003:c04::61	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c04::9a	15169 (GOOGLE) (GOOGLE)
1	151.101.108.157 151.101.108.157	54113 (FASTLY) (FASTLY)
2	2403:e800:e80... 2403:e800:e80b::2a63:8cc0	4637 (ASN-TELST...) (ASN-TELSTRA-GLOBAL Telstra Global)
2	2a03:2880:f00... 2a03:2880:f00c:300:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2404:6800:400... 2404:6800:4003:c1c::71	15169 (GOOGLE) (GOOGLE)
1	13.224.250.18 13.224.250.18	16509 (AMAZON-02) (AMAZON-02)
2	23.50.91.74 23.50.91.74	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6811:4341	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4003:c02::9c	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c01::5e	15169 (GOOGLE) (GOOGLE)
2	54.147.237.138 54.147.237.138	14618 (AMAZON-AES) (AMAZON-AES)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	2600:9000:20c... 2600:9000:20c7:800:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	2a03:2880:f10... 2a03:2880:f10c:381:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.155.68.96 18.155.68.96	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
8	96.17.96.31 96.17.96.31	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
1	2600:1413:b00... 2600:1413:b000:6::17d5:2bc6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
106	32

38 2606:4700:300b::a29f:f17d (United States)

ASN13335 (CLOUDFLARENET, US)

www.mandiant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c05::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4003:c04::5e (Singapore)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:cb0b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn4.iconfinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4003:c04::69 (Singapore) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c04::61 (Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c04::9a (Singapore)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.108.157 (Tokyo, Japan)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2403:e800:e80b::2a63:8cc0 (Hong Kong)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00c:300:face:b00c:0:3 (Singapore)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c1c::71 (Singapore)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.250.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-18.sin52.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.50.91.74 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-91-74.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4341 (United States)

ASN13335 (CLOUDFLARENET, US)

scout-cdn.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c02::9c (Singapore)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c01::5e (Singapore)

ASN15169 (GOOGLE, US)

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.147.237.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-237-138.compute-1.amazonaws.com

scout.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

565-pei-952.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c7:800:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f10c:381:face:b00c:0:25de (Singapore)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-96.sin52.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 96.17.96.31 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a96-17-96-31.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1413:b000:6::17d5:2bc6 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	mandiant.com www.mandiant.com — Cisco Umbrella Rank: 487734	2 MB
12	gstatic.com www.gstatic.com	1 MB
10	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 178	70 KB
9	6sc.co j.6sc.co — Cisco Umbrella Rank: 6581 c.6sc.co — Cisco Umbrella Rank: 9925 ipv6.6sc.co — Cisco Umbrella Rank: 6931 b.6sc.co — Cisco Umbrella Rank: 4494	18 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 416 www.linkedin.com — Cisco Umbrella Rank: 708 px4.ads.linkedin.com — Cisco Umbrella Rank: 6066	5 KB
3	salesloft.com scout-cdn.salesloft.com — Cisco Umbrella Rank: 11695 scout.salesloft.com — Cisco Umbrella Rank: 14215	4 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 427	14 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98	991 B
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4217	28 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3987	6 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 901 script.hotjar.com — Cisco Umbrella Rank: 1101	59 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	87 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 981	9 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	201 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 248	398 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 456	16 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	185 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 869	395 B
1	t.co t.co — Cisco Umbrella Rank: 614	376 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1230	388 B
1	mktoresp.com 565-pei-952.mktoresp.com	318 B
1	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 12369	408 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 792	15 KB
1	iconfinder.com cdn4.iconfinder.com — Cisco Umbrella Rank: 96149	9 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	5 KB
106	27

	Domain	Requested by
38	www.mandiant.com	www.mandiant.com
12	www.gstatic.com	www.mandiant.com www.google.com www.gstatic.com
8	www.google.com	1 redirects www.mandiant.com www.gstatic.com www.google.com
6	b.6sc.co
3	px.ads.linkedin.com	3 redirects
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.mandiant.com
3	static.addtoany.com	www.mandiant.com static.addtoany.com
2	scout.salesloft.com	scout-cdn.salesloft.com
2	analytics.google.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	munchkin.marketo.net	www.mandiant.com munchkin.marketo.net
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	www.googletagmanager.com	www.mandiant.com www.googletagmanager.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	bam.nr-data.net	js-agent.newrelic.com
1	j.6sc.co	www.mandiant.com
1	js-agent.newrelic.com	www.mandiant.com
1	script.hotjar.com	static.hotjar.com
1	www.facebook.com	www.mandiant.com
1	analytics.twitter.com	www.mandiant.com
1	t.co	www.mandiant.com
1	px4.ads.linkedin.com	www.mandiant.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	565-pei-952.mktoresp.com	munchkin.marketo.net
1	www.google.com.sg	www.mandiant.com
1	scout-cdn.salesloft.com	www.mandiant.com
1	static.hotjar.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.mandiant.com
1	cdn4.iconfinder.com	www.mandiant.com
1	fonts.googleapis.com	www.mandiant.com
1	cdnjs.cloudflare.com	www.mandiant.com
106	36

This site contains links to these domains. Also see Links.

Domain
careers.google.com
login.mandiant.com
www.mandiant.fr
www.mandiant.de
www.mandiant.it
www.mandiant.jp
www.mandiant.kr
www.mandiant.es
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
selling.mandiant.com
policies.google.com
cloud.google.com

Subject Issuer	Validity	Valid
mandiant.com Cloudflare Inc ECC CA-3	`2023-04-02` - `2024-04-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-14` - `2023-10-12`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
salesloft.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-03` - `2024-01-03`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-12`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
6sc.co R3	`2023-08-19` - `2023-11-17`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.mandiant.com/resources/blog/wannacry-malware-profile
Frame ID: 001369508F7A7169C7B4DFCDC1B611F8
Requests: 91 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: BF39E51176CF97BEA9F14FD9F59B6B4E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=zh-CN&v=lLirU0na9roYU3wDDisGJEVT&size=normal&cb=m2tlt9v1usag
Frame ID: 4633BE17EE97D8E6656B07D923463166
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=zh-CN&v=lLirU0na9roYU3wDDisGJEVT&size=compact&cb=kjm0471dwqwm
Frame ID: 592583FB716328C6E898DB11A48C3810
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=lLirU0na9roYU3wDDisGJEVT&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Frame ID: E12E0163A0F80E7A4FF6D2C52439F0AF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=lLirU0na9roYU3wDDisGJEVT&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Frame ID: 2E4CE4F8AF38F9A11C75871139541BDE
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WannaCry Malware Profile | Mandiant

Detected technologies

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

106
Requests

98 %
HTTPS

64 %
IPv6

27
Domains

36
Subdomains

32
IPs

4
Countries

3709 kB
Transfer

7624 kB
Size

33
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://careers.google.com/
Title: Careers Life at Mandiant and open roles

Search URL Search Domain Scan URL

URL: https://login.mandiant.com/
Title: Sign in to Advantage

Search URL Search Domain Scan URL

URL: https://www.mandiant.fr/
Title: Français

Search URL Search Domain Scan URL

URL: https://www.mandiant.de/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://www.mandiant.it/
Title: Italiano

Search URL Search Domain Scan URL

URL: https://www.mandiant.jp/
Title: 日本

Search URL Search Domain Scan URL

URL: https://www.mandiant.kr/
Title: 한국어

Search URL Search Domain Scan URL

URL: https://www.mandiant.es/
Title: Español

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Mandiant

Search URL Search Domain Scan URL

URL: https://twitter.com/Mandiant

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCexu0DP7VKdDByusuTA53FQ

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mandiant/

Search URL Search Domain Scan URL

URL: https://selling.mandiant.com/mandiant/sso.aspx
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy?hl=en-US
Title: Website Privacy Policy

Search URL Search Domain Scan URL

URL: https://cloud.google.com/product-terms#section-15
Title: Terms & Conditions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://www.google.com/pagead/landing?gcs=G111&gcd=G100&rnd=1160344414.1696519427&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&gtm=45He3a20n81T72STLD&auid=1673439808.1696519427 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G100&rnd=1160344414.1696519427&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&gtm=45He3a20n81T72STLD&auid=1673439808.1696519427

Request Chain 72

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1696519427269&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1696519427269&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3460746%26time%3D1696519427269%26url%3Dhttps%253A%252F%252Fwww.mandiant.com%252Fresources%252Fblog%252Fwannacry-malware-profile%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1696519427269&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1696519427269&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&cookiesTest=true&liSync=true&e_ipv6=AQLs9yDwK7XFnwAAAYsAcBkCaoGHBgijIb4WFvSxiiSpdkoBam2iV5mhmbRuYtgfsIa2FI9GsfU

106 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request wannacry-malware-profile Show response
www.mandiant.com/resources/blog/ 162 KB
44 KB 1621ms
1599ms Document
text/html 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaa35318f1677afe48e000781847cca85bb7f87e3b0e7b7fc42674e278ccf03b

Security Headers

Name	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: public, max-age=2764800, stale-if-error=3600, stale-while-revalidate=3600
cf-cache-status: EXPIRED
cf-ray: 8116aad8f93987e7-SIN
content-encoding: gzip
content-language: en
content-security-policy: report-uri /report-csp-violation
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 15:23:44 GMT
expect-ct: max-age=86400
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Thu, 05 Oct 2023 14:45:59 GMT
referrer-policy: strict-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
surrogate-control: max-age=86400
vary: Cookie,Accept-Encoding
via: varnish
x-ah-environment: prod
x-cache: HIT
x-cache-hits: 5
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: v-e60390cc-638d-11ee-b183-275a5a12627f
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 google_tag.script.js Show response
www.mandiant.com/sites/default/files/google_tag/google_tag_manager/ 348 B
419 B 1079ms
1077ms Script
application/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/google_tag/google_tag_manager/google_tag.script.js?s21kc2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b7eb2b28fbf8ad29058540ee28e8b49701e0e47351ff25d3b688fcef9b2a88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 32
date: Thu, 05 Oct 2023 15:23:45 GMT
content-encoding: gzip
via: varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
x-cache: HIT
x-ah-environment: prod
content-length: 280
x-request-id: v-79ed6ae2-6343-11ee-b31e-574254eaf62e
last-modified: Thu, 05 Oct 2023 05:52:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aae309d687e7-SIN
expires: Thu, 19 Oct 2023 15:23:45 GMT

GET
H2 200 css_99A_wxbs0PBomLoEkJxyfTEWUMJPU78MRQg6gq6Dyx0.css
www.mandiant.com/sites/default/files/css/ 20 KB
5 KB 1066ms
1065ms Stylesheet
text/css 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_99A_wxbs0PBomLoEkJxyfTEWUMJPU78MRQg6gq6Dyx0.css

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7d03fc316ecd0f06898ba04909c727d311650c24f53bf0c45083a82ae83cb1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 2879
date: Thu, 05 Oct 2023 15:23:45 GMT
content-encoding: gzip
via: varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
x-cache: HIT
x-ah-environment: prod
content-length: 4774
x-request-id: v-fdaa37fc-62a8-11ee-88c6-bf3457146184
last-modified: Wed, 06 Sep 2023 10:47:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aae309d787e7-SIN
expires: Thu, 19 Oct 2023 15:23:45 GMT

GET
H2 200 css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
www.mandiant.com/sites/default/files/css/ 662 KB
78 KB 1082ms
1081ms Stylesheet
text/css 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c57a249aa494671298ccf0f4e34804f904d1844f52b8bfec1a60b47906ec52fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 9175
date: Thu, 05 Oct 2023 15:23:45 GMT
content-encoding: gzip
via: varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
x-cache: HIT
x-ah-environment: prod
content-length: 79670
x-request-id: v-f453e158-62a8-11ee-9de5-4bdbf3ca683b
last-modified: Wed, 04 Oct 2023 11:23:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aae309d987e7-SIN
expires: Thu, 19 Oct 2023 15:23:45 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/ 23 KB
5 KB 23ms
10ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4995831
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4364
last-modified: Thu, 22 Jun 2023 11:02:18 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a3a-110c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5GGc1mXKC7x6ODPzfXw6hDdaHeZRjQTdm8IUPus8hnTxt2n7CFGXrw2MgUW3FJrIyuHfbnkqgH9afKMgz6dYj8ALIJXF6UvL%2FtlBgrQd8sL5B5hxVULPyme3%2BsDWH70a1KnzmPTHRLq2SkgBVNMVsnd"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8116aae31b6e5cdd-SIN
expires: Tue, 24 Sep 2024 15:23:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
2 KB 21ms
8ms Stylesheet
text/css 2404:6800:4003:c05::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Google+Sans+Text:wght@400&family=Google+Sans:wght@500&display=swap

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

640f2bf8138db0c5d698fb37b044d7788afdf119737a76ae2ccca2710f6c2244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Oct 2023 15:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 15:23:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Oct 2023 15:23:44 GMT

GET
H2 200 cookienotificationbar.min.css
www.gstatic.com/glue/cookienotificationbar/ 8 KB
2 KB 18ms
5ms Stylesheet
text/css 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/glue/cookienotificationbar/cookienotificationbar.min.css

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

369564d916b5510b303fd6a5fa4d1a6c722e92da8b0657ce42f59c6e7d50f4b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/gstatic
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1628
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 16:10:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"uxe-owners-acl/gstatic","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/gstatic"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/gstatic"
expires: Thu, 05 Oct 2023 15:23:44 GMT

GET
H2 200 icon-close-512.png
cdn4.iconfinder.com/data/icons/ionicons/512/ 8 KB
9 KB 45ms
17ms Image
image/png 2606:4700:e6::ac40:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.iconfinder.com/data/icons/ionicons/512/icon-close-512.png

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8f374db7134ee88f3bd1f79ba5775c50f4a79b33582530be0b661c1506b931

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:45 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 475419
content-disposition: inline; filename="568140.png"
alt-svc: h3=":443"; ma=86400
content-length: 8351
x-request-id: 70852912-4a19-41c5-b7dd-b5838c1e234f
last-modified: Fri, 29 Sep 2023 21:10:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FSM3kx6H6tI6C%2BjYbDXMpox2E9KoaqlLJqBClBKxco%2FVflnngRESyTYHO3wQAQYTsaoJLhAZpBBz5%2BQQwTmZUg%2F2a2MkeWAXBVU9jtI8eE8bSKetKWyfBSV%2BMrXjNjML3ZSYchM3ngtdmsxJwK1%2BxxR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8116aaea4b7a40a6-SIN
expires: Fri, 04 Oct 2024 15:23:45 GMT

GET
H2 200 defenders-advantage-guide-to-activate.png
www.mandiant.com/sites/default/files/2023-06/ 130 KB
130 KB 1051ms
1048ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/2023-06/defenders-advantage-guide-to-activate.png

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

834cda0be10787417a47240202b776751235b6d14521976d11fbf5734333c3f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 3957
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 132685
x-request-id: v-fc6680da-62a8-11ee-8ba1-4b1373d7b5a3
last-modified: Fri, 30 Jun 2023 10:32:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aaea1f8b87e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 esg-logo.png
www.mandiant.com/sites/default/files/inline-images/ 44 KB
44 KB 295ms
292ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/inline-images/esg-logo.png

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

921fbb814b7230690438275f49488ea721567be50a54efdd194e52bc5058d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 3937
date: Thu, 05 Oct 2023 15:23:45 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 45049
x-request-id: v-fc685220-62a8-11ee-9f8e-b73eb8170085
last-modified: Fri, 02 Jun 2023 07:53:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aaea1f8d87e7-SIN
expires: Thu, 19 Oct 2023 15:23:45 GMT

GET
H2 200 js_v743Hn_dAOm0Grpq6-lyIw9m1CMeIg6VR6nrrICP4lo.js Show response
www.mandiant.com/sites/default/files/js/ 103 KB
35 KB 1044ms
1044ms Script
text/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/js/js_v743Hn_dAOm0Grpq6-lyIw9m1CMeIg6VR6nrrICP4lo.js

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfbe371e7fdd00e9b41aba6aebe972230f66d4231e220e9547a9ebac808fe25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 7453
date: Thu, 05 Oct 2023 15:23:46 GMT
content-encoding: gzip
via: varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
x-cache: HIT
x-ah-environment: prod
content-length: 35455
x-request-id: v-f9a1e81c-62a8-11ee-ab28-2bfce7331ff5
last-modified: Wed, 06 Sep 2023 10:47:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aae9cf4987e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 23ms
10ms Script
text/javascript 2404:6800:4003:c04::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::69 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3cd300abe64782f79ed606e66ec87dff9df73e71774570ae95693f258fcff365

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 05 Oct 2023 15:23:45 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 37ms
17ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51e6d23e4a97f15652c1709f999062fcced9990b5090dde0d22b869247ea0869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:45 GMT
via: e7s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 104018
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 24 Sep 2023 10:29:33 GMT
server: cloudflare
etag: W/"c09-60618514a9dca"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 8116aaea3e2c494f-SIN

GET
H2 200 js_ut22-Xd5RoHxYB60ZS4rmHMrmW74oB081gQNGX4ftYY.js Show response
www.mandiant.com/sites/default/files/js/ 459 KB
132 KB 1068ms
1068ms Script
text/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/js/js_ut22-Xd5RoHxYB60ZS4rmHMrmW74oB081gQNGX4ftYY.js

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baddb6f977794681f1601eb4652e2b98732b996ef8a01d3cd6040d197e1fb586

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 9183
date: Thu, 05 Oct 2023 15:23:46 GMT
content-encoding: gzip
via: varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
x-cache: HIT
x-ah-environment: prod
content-length: 134612
x-request-id: v-f477eb70-62a8-11ee-bab4-1fe27b876072
last-modified: Wed, 04 Oct 2023 08:06:53 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aae9df5f87e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 accordion.frontend.js Show response
www.mandiant.com/modules/contrib/ckeditor_accordion/js/ 10 KB
3 KB 1045ms
1041ms Script
application/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/modules/contrib/ckeditor_accordion/js/accordion.frontend.js?s21kc2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d5e5ce7eff2e417f3a3de1b61fb564712a14571393164dc4146dd94c99b95ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 16434
date: Thu, 05 Oct 2023 15:23:46 GMT
content-encoding: gzip
via: varnish
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
age: 34231
x-cache: HIT
x-ah-environment: prod
content-length: 2642
x-request-id: v-79ef2c10-6343-11ee-b5d5-af1dc8980407
last-modified: Fri, 17 Feb 2023 05:36:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8116aaea1f8687e7-SIN
expires: Thu, 19 Oct 2023 05:53:15 GMT

GET
H2 200 js_EndR9TYA4dXiqr2GB478bpkzEEeSQB0Tuo9UvyeOm-U.js Show response
www.mandiant.com/sites/default/files/js/ 29 KB
8 KB 1038ms
1033ms Script
text/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/js/js_EndR9TYA4dXiqr2GB478bpkzEEeSQB0Tuo9UvyeOm-U.js

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127751f53600e1d5e2aabd86078efc6e9933104792401d13ba8f54bf278e9be5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 8743
date: Thu, 05 Oct 2023 15:23:46 GMT
content-encoding: gzip
via: varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
x-cache: HIT
x-ah-environment: prod
content-length: 7824
x-request-id: v-f4749ea2-62a8-11ee-9386-0f90377665e6
last-modified: Wed, 06 Sep 2023 10:47:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aaea1f8887e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 cookienotificationbar.min.js Show response
www.gstatic.com/glue/cookienotificationbar/ 17 KB
6 KB 11ms
7ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/glue/cookienotificationbar/cookienotificationbar.min.js

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ad73868410cff1f60dba2e6425cec69e621be852b1e89e28339a5c857ba6ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/gstatic
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6397
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 16:10:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"uxe-owners-acl/gstatic","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/gstatic"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/gstatic"
expires: Thu, 05 Oct 2023 15:23:45 GMT

GET
H2 200 fontloader.built.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 7 KB
2 KB 53ms
50ms Script
application/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/fontloader.built.js

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b617a1a9d405a304eae1f3337639a1be619633a047ccac0a61d70cf2d2032e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 8777
date: Thu, 05 Oct 2023 15:23:45 GMT
content-encoding: gzip
via: varnish
cf-cache-status: HIT
x-content-type-options: nosniff
age: 181
x-cache: HIT
x-ah-environment: prod
content-length: 2334
x-request-id: v-fc67e4e8-62a8-11ee-ac56-d311e24d163e
last-modified: Wed, 26 Oct 2022 20:16:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aaea1f8e87e7-SIN
expires: Thu, 19 Oct 2023 15:23:45 GMT

GET
H2 200 menu-drop-down.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 207 B
280 B 1056ms
1056ms Image
image/svg+xml 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/menu-drop-down.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3c4f02f1f6a5e491336064c0d0bdcd6914d5794a431a359c1f684cec8ed77f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 8709
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-cache: HIT
x-ah-environment: prod
x-request-id: v-fc6cb5a4-62a8-11ee-bc66-8b5c80da61e6
last-modified: Wed, 26 Oct 2022 19:35:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 8116aaea3f9c87e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 see-what.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 740 B
504 B 1079ms
1074ms Image
image/svg+xml 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/see-what.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22d544d04a6282b544aa3fbc8e024e41f00902673fe34f774092c02d4e7d6712

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 8724
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-cache: HIT
x-ah-environment: prod
x-request-id: v-f56d6668-62a8-11ee-a5ef-23ec372c17da
last-modified: Wed, 26 Oct 2022 20:37:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 8116aaea3fa787e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 incident-response.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 777 B
546 B 1080ms
1074ms Image
image/svg+xml 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/incident-response.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

860f45e645e33a50a9a34186d5c0558df4198829fe98679a4a6e1e754fca1aeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 8684
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-cache: HIT
x-ah-environment: prod
x-request-id: v-f56d6668-62a8-11ee-a172-5325d095c1de
last-modified: Wed, 26 Oct 2022 19:55:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 8116aaea3fac87e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 incident.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 1023 B
662 B 1043ms
1038ms Image
image/svg+xml 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/incident.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d1049d86e454e70f1d3e650f3ec7dc009ebef2f7ec2e9f44b74cb290ed9e4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 8303
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-cache: HIT
x-ah-environment: prod
x-request-id: v-fc6fec6a-62a8-11ee-a9f8-cb3f0bae14d2
last-modified: Wed, 26 Oct 2022 19:35:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 8116aaea3fad87e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 contact-sales.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 613 B
485 B 1062ms
1057ms Image
image/svg+xml 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/contact-sales.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

887dea1b760d630afcbae650e3259dc18ef1a7fe3137ab715a56005a69f921b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 8668
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-cache: HIT
x-ah-environment: prod
x-request-id: v-f58b99ee-62a8-11ee-9937-6f4f4a3e4100
last-modified: Wed, 26 Oct 2022 19:35:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 8116aaea3fb187e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 contact.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 716 B
565 B 1049ms
1044ms Image
image/svg+xml 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/contact.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ca72eec4efadc4587d29f2216ccd9cd54309463c74a5a3029b3dca9485f995a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 8305
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-cache: HIT
x-ah-environment: prod
x-request-id: v-fc6c553c-62a8-11ee-b6ef-531e08f7d4a2
last-modified: Wed, 26 Oct 2022 20:37:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 8116aaea3fb387e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 support.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 4 KB
2 KB 1101ms
1096ms Image
image/svg+xml 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/support.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c82aa23b61483cc87f28ec6c4492a28c46dcb38bf471fd4a6ca40984ee6fb59e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 8676
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-cache: HIT
x-ah-environment: prod
x-request-id: v-f59ec3fc-62a8-11ee-9aab-2fa438aded11
last-modified: Wed, 26 Oct 2022 20:37:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 8116aaea3fb687e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 sign-in.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 630 B
442 B 1107ms
1103ms Image
image/svg+xml 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/sign-in.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf204863b72594d7da599f0ad2cfb43573b91d2ef348983d8890f64ba9858d1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 8655
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-cache: HIT
x-ah-environment: prod
x-request-id: v-f5aeaa24-62a8-11ee-a76a-9b7340a3bdc3
last-modified: Wed, 26 Oct 2022 19:35:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 8116aaea3fb887e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 menu-arrow-white.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 752 B
456 B 1109ms
1105ms Image
image/svg+xml 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/menu-arrow-white.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f41b6056bfd2eb59371fabdc40b3970f02458ee463aa92385fe214fb00aebae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 8620
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-cache: HIT
x-ah-environment: prod
x-request-id: v-f5b54f78-62a8-11ee-8bfc-eb418186337a
last-modified: Wed, 26 Oct 2022 19:55:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 8116aaea3fba87e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 advantage-arrow.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 203 B
275 B 1082ms
1079ms Image
image/svg+xml 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/advantage-arrow.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f16edf69b3b38abc839a83da5041cb4b2ed08b54017faa471b4e2da1cc8393c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 8302
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-cache: HIT
x-ah-environment: prod
x-request-id: v-fc6c9dda-62a8-11ee-a79f-53c0aaf84086
last-modified: Wed, 26 Oct 2022 20:16:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 8116aaea3fbd87e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 gray-circle.png
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/backgrounds/ 9 KB
9 KB 1097ms
1094ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/backgrounds/gray-circle.png

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfbbb6a8bb9482b6bddbba133d70d9ac28fea886ede20ecdaf3110d5c70dba6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 5521
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 8943
x-request-id: v-f9ee55d0-62a8-11ee-83e8-3b2af8108cec
last-modified: Wed, 26 Oct 2022 20:16:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aaea4fbe87e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 cyber-defense-self-assessment-background-image.png
www.mandiant.com/sites/default/files/2023-05/ 440 KB
441 KB 1075ms
1074ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/2023-05/cyber-defense-self-assessment-background-image.png

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

943fd20cc1415adb436d84b5c33b49c9873ae1241df51b2507284bcfc19203db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 3838
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 450481
x-request-id: v-fc71ee16-62a8-11ee-94a9-73420f58b05e
last-modified: Mon, 29 May 2023 11:19:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aaea4fc787e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 magenta-to-red-gradient.jpg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 61 KB
61 KB 1047ms
1046ms Image
image/jpeg 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/magenta-to-red-gradient.jpg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce56dc3783735b873af61135d410e3ccec9dfd565a5961fd707e85d1d6b654af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 7124
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 62175
x-request-id: v-fc6ee900-62a8-11ee-9176-bb941c275638
last-modified: Wed, 26 Oct 2022 20:37:18 GMT
cf-bgj: h2pri
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aaea4fc987e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 white-cta-arrow.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 750 B
449 B 1119ms
1118ms Image
image/svg+xml 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/white-cta-arrow.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff46ab88d5fe2880ee24e0a56c4f423096ea4eb7b80e0fc8032319e26b5a002b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 8232
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-cache: HIT
x-ah-environment: prod
x-request-id: v-fc6ed46a-62a8-11ee-b104-0344a17faa68
last-modified: Wed, 26 Oct 2022 19:55:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 8116aaea4fca87e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 footer-bg-transparent.png
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 134 KB
134 KB 1057ms
1057ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/footer-bg-transparent.png

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f2e61cd1a10aebb0eae1a2f6914784a4d9be90a46b1c67700311d0f66d3e379

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 8634
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 136986
x-request-id: v-f7191d68-62a8-11ee-a084-d740d5f9aa06
last-modified: Wed, 26 Oct 2022 20:16:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aaea4fcb87e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 MaterialIcons-Outlined.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/material-icons/ 148 KB
148 KB 1092ms
1092ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/material-icons/MaterialIcons-Outlined.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b9c3158d7700a96a2fc4de59adc0c4724338c900d14b9447653c52d50df1621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
Origin: https://www.mandiant.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 10699
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 151244
x-request-id: v-f5a16c1a-62a8-11ee-929d-23d080f2b6dd
last-modified: Wed, 26 Oct 2022 20:16:57 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aaea5fce87e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 Barlow-Bold.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 56 KB
56 KB 1093ms
1092ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Bold.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ec192b1be13b5eb7d11e7c8a0f1466ef236e4ba88182bb4cec76a2c7919464e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
Origin: https://www.mandiant.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 10184
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 57572
x-request-id: v-f7d21ad4-62a8-11ee-b510-1fc033958f25
last-modified: Wed, 26 Oct 2022 19:55:35 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aaea5fd187e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 Barlow-Regular.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 55 KB
55 KB 1038ms
1038ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Regular.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f269cafacd48c650b7c76973b7192a4593125d9b957bfa3b57a89e835ec0df1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
Origin: https://www.mandiant.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 10570
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 56020
x-request-id: v-f71bdac6-62a8-11ee-8966-8b50be2f311d
last-modified: Wed, 26 Oct 2022 19:35:15 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aaea5fd287e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 GoogleSansDisplay-Medium.ttf
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/google-sans/ 154 KB
154 KB 1079ms
1078ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/google-sans/GoogleSansDisplay-Medium.ttf

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f76ce833f021609c95e4f7aa037a19cfb33bcfe5dd6e25ead5b6fb61add6050

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
Origin: https://www.mandiant.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 4556
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 157860
x-request-id: v-fc8cdb40-62a8-11ee-9c98-2b1aef1086f5
last-modified: Wed, 22 Feb 2023 07:03:57 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aaea5fdd87e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 GoogleSans-Regular.ttf
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/google-sans/ 154 KB
154 KB 1094ms
1093ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/google-sans/GoogleSans-Regular.ttf

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db8889219047b9dab1299759fc44d56af45ee4e683961df1d54d1f0ef783690a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
Origin: https://www.mandiant.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 4354
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 157868
x-request-id: v-fc895ec0-62a8-11ee-b40b-5fa57dd1d59f
last-modified: Wed, 22 Feb 2023 07:04:30 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aaea5fde87e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 GoogleSans-Medium.ttf
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/google-sans/ 154 KB
155 KB 1051ms
1050ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/google-sans/GoogleSans-Medium.ttf

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ec4c07fa6575aecd81e6087d091d41a69e45a89b29ee147db3f09323e6f5638

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
Origin: https://www.mandiant.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 5144
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 157980
x-request-id: v-fc8a4aa6-62a8-11ee-a18c-cbea1fad2e8b
last-modified: Wed, 22 Feb 2023 07:03:43 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aaea5fe187e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H2 200 PTMono-Regular.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/mono/ 71 KB
71 KB 1028ms
1027ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/mono/PTMono-Regular.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfaed587b938cc953c5008f257ed1e661e9d2e2f907bd5b520fc4b9348985a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
Origin: https://www.mandiant.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 10367
date: Thu, 05 Oct 2023 15:23:46 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 72380
x-request-id: v-f6fa9816-62a8-11ee-ade8-63f24a182dc4
last-modified: Wed, 26 Oct 2022 20:37:18 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aaeac82f87e7-SIN
expires: Thu, 19 Oct 2023 15:23:46 GMT

GET
H3 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ 471 KB
187 KB 15ms
6ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__zh_cn.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

794a36a289f192da3683b7def57ee9e730924144a65bbe6a3b5173d22b3eab9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mandiant.com/
Origin: https://www.mandiant.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 18:15:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191855
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 18:15:41 GMT

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame BF39 677 B
564 B 25ms
25ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 803652
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 8116aaf07cd1494f-SIN
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 05 Oct 2023 15:23:46 GMT
etag: W/"2a5-5edb40e6d10d8"
last-modified: Fri, 18 Nov 2022 00:47:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff

GET
H3 200 core.f4498a6a.js Show response
static.addtoany.com/menu/modules/ 70 KB
25 KB 38ms
30ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.f4498a6a.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f3c20825909bb222fd8ec5db0a985fb397c20a97d8362858ccfffb576e13a77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/
Origin: https://www.mandiant.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:46 GMT
via: e7s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 716148
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 24 Sep 2023 10:29:31 GMT
server: cloudflare
etag: W/"11650-606185138cb5e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 8116aaf07f1e6022-SIN

GET
H2 200 974.bundle.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 11 KB
3 KB 1119ms
1119ms Script
application/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/974.bundle.js?ed9f0d

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_ut22-Xd5RoHxYB60ZS4rmHMrmW74oB081gQNGX4ftYY.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

201492c149f68b701455a2d046549a318a76ed5bca4ab13ebd913dbd14710246

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 8558
date: Thu, 05 Oct 2023 15:23:47 GMT
content-encoding: gzip
via: varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
x-cache: HIT
x-ah-environment: prod
content-length: 3375
x-request-id: v-feb591f0-62a8-11ee-a5e5-7b35f4bbc980
last-modified: Wed, 26 Oct 2022 20:37:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aaf0fd0287e7-SIN
expires: Thu, 19 Oct 2023 15:23:47 GMT

GET
H2 200 404.bundle.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 406 B
406 B 1047ms
1047ms Script
application/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/404.bundle.js?2c5f80

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_ut22-Xd5RoHxYB60ZS4rmHMrmW74oB081gQNGX4ftYY.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2cb383a30bee467e40ecebb49e4229b1b57efcc2c7632c921cd170a75c74d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 8519
date: Thu, 05 Oct 2023 15:23:47 GMT
content-encoding: gzip
via: varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
x-cache: HIT
x-ah-environment: prod
content-length: 263
x-request-id: v-ff68854e-62a8-11ee-9a81-4fd7d1b5ef27
last-modified: Wed, 26 Oct 2022 19:55:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aaf0fd0487e7-SIN
expires: Thu, 19 Oct 2023 15:23:47 GMT

GET
H3 200 2a.json Show response
www.gstatic.com/glue/cookienotificationbar/config/ 22 B
67 B 6ms
6ms Fetch
application/json 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/glue/cookienotificationbar/config/2a.json?hl=en

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/glue/cookienotificationbar/cookienotificationbar.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a1f98fca203b8561519a06bacfdc50e4b3c4a5a71e740da5b0875bd4fc00d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/gstatic
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"uxe-owners-acl/gstatic","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/gstatic"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/gstatic"
expires: Thu, 05 Oct 2023 15:23:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 397 KB
111 KB 43ms
32ms Script
application/javascript 2404:6800:4003:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/google_tag/google_tag_manager/google_tag.script.js?s21kc2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6923ec152fa558d800877bc4a71aabdb888c57238f66a122351dccd52f6c3dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113690
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Oct 2023 15:23:46 GMT

GET
H2 200 Barlow-SemiBold.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 56 KB
57 KB 1087ms
1087ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-SemiBold.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bb508d41bf1d0c5d56340c7df789b6589350a5f967e1fa937bee5c148d0cb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
Origin: https://www.mandiant.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 9194
date: Thu, 05 Oct 2023 15:23:47 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 57764
x-request-id: v-f7ccc96c-62a8-11ee-ad37-67cd5d918a51
last-modified: Wed, 26 Oct 2022 20:16:57 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aaf1cda087e7-SIN
expires: Thu, 19 Oct 2023 15:23:47 GMT

GET
H2 200 Barlow-Medium.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 55 KB
55 KB 1055ms
1055ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Medium.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe3bfdac05de97234a1a81c7f09c87f14708cf7bd9a341a63e68613c3c6e40d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
Origin: https://www.mandiant.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 9084
date: Thu, 05 Oct 2023 15:23:47 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 55968
x-request-id: v-f7ce251e-62a8-11ee-93b0-632b0339014d
last-modified: Wed, 26 Oct 2022 19:35:15 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aaf1cda387e7-SIN
expires: Thu, 19 Oct 2023 15:23:47 GMT

GET
H2 200 Barlow-MediumItalic.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 59 KB
59 KB 283ms
283ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-MediumItalic.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34e89fde702aa592d82afbb8d98034150cb3a2e6bd67a922af1edd106cf87fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_xXokmqSUZxKYzPD040gE-QTRhE9SuL_sGmC0eQbsUvs.css
Origin: https://www.mandiant.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 3471
date: Thu, 05 Oct 2023 15:23:47 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 60612
x-request-id: v-2171baf2-62a9-11ee-be51-7bf694e47664
last-modified: Wed, 26 Oct 2022 19:35:15 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8116aaf1ddab87e7-SIN
expires: Thu, 19 Oct 2023 15:23:47 GMT

GET
H2

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=G100&rnd=1160344414.1696519427&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&gtm=45He3a20n81T72STLD&auid=167343...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G100&rnd=1160344414.1696519427&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&gtm=45He3a20n81T72STL...

42 B
588 B

27ms
9ms

Ping
image/gif

2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G100&rnd=1160344414.1696519427&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&gtm=45He3a20n81T72STLD&auid=1673439808.1696519427

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Server

2404:6800:4003:c04::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 15:23:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Oct 2023 15:23:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G100&rnd=1160344414.1696519427&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&gtm=45He3a20n81T72STLD&auid=1673439808.1696519427
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 239ms
74ms Script
application/javascript 151.101.108.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.108.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:47 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption: AES256
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100147-IAD, cache-tyo11952-TYO

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 135ms
36ms Script
application/x-javascript 2403:e800:e80b::2a63:8cc0
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2403:e800:e80b::2a63:8cc0 , Hong Kong, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=10162
accept-ranges: bytes
content-length: 3822

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 16ms
4ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 05 Oct 2023 15:23:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53356
x-xss-protection: 0
pragma: public
x-fb-debug: 9oQsPdZtNbHaA7RkDr2dBM9IGH5IHPT0AZhy+149HajomrjzpHJrN7rPERmA3hgLTlz5BzSPCeqYsOFCAo9Flg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 76ms
39ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 05 Oct 2023 15:23:46 GMT
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 269D7D886EF64204A9CDC36C0CCDD593 Ref B: SIN30EDGE0107 Ref C: 2023-10-05T15:23:47Z
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12981

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 19ms
7ms Script
text/javascript 2404:6800:4003:c1c::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::71 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Oct 2023 13:30:39 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6788
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 05 Oct 2023 15:30:39 GMT

GET
H2 200 hotjar-3008912.js Show response
static.hotjar.com/c/ 9 KB
4 KB 362ms
184ms Script
application/javascript 13.224.250.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3008912.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.250.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-250-18.sin52.r.cloudfront.net

Software

Resource Hash

fa56ee1544dee5ed44943cac1bf689538256137babd0083fe7a212b8c5b286e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 05 Oct 2023 15:23:47 GMT
via: 1.1 ccd5ce8e69d2dc421327946b6ecb3cbc.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-C2
etag: W/bbcadc4ca842614b211e911035bb4159
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: R5rH1y64CMpN3rDZcTBixFFmNKYgkLFdJkOByFMEE1abVdwpFzuxEA==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 29ms
7ms Script
application/x-javascript 23.50.91.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.91.74 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-50-91-74.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Thu, 05 Oct 2023 15:23:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 sl.js Show response
scout-cdn.salesloft.com/ 6 KB
3 KB 91ms
12ms Script
application/javascript 2606:4700::6811:4341
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scout-cdn.salesloft.com/sl.js

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4341 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:47 GMT
x-amz-version-id: 6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: M99D0EDN6HKJW7Z3
age: 1528
alt-svc: h3=":443"; ma=86400
x-amz-id-2: NCvKKbN699X6sies2OErIQkdpWb0QAAi4H2v2Og73h4NQ1/O6jJaOJVH14XTmPsaeX8aKbTY08ba5PmH/DhfNQ==
last-modified: Mon, 13 Dec 2021 16:28:37 GMT
server: cloudflare
etag: W/"d74cc4825c8e333b2116da3fcc649db1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8116aaf3ae214028-SIN
expires: Thu, 05 Oct 2023 19:23:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 10ms
8ms Script
application/javascript 2404:6800:4003:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

20900525090b613095321f17eef4de3803f98dd8b301ff97a972b1b3b073728e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91915
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 05 Oct 2023 15:23:47 GMT

GET
H2 200 880805232811859 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 252ms
251ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/880805232811859?v=2.9.132&r=stable&domain=www.mandiant.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a93f576b64cd12b48926072b894285e0e986305488d148a0c1a74f140c159cb5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 05 Oct 2023 15:23:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: wMhjRRoIdmq0eZmlWGm5EkaZrMFMvd6X1faKOf9K0z0811i2T7k075z1UPdhkd9o1lfzu0ATK3+Xv3o1kl6YlQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 6ms
5ms XHR
text/plain 2404:6800:4003:c1c::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=526566564&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&ul=en-us&de=UTF-8&dt=WannaCry%20Malware%20Profile%20%7C%20Mandiant&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAACAEK~&jid=648299655&gjid=1958445234&cid=434456925.1696519427&tid=UA-203244293-1&_gid=1418573454.1696519427&_slc=1&gtm=45He3a20n81T72STLD&cg1=threat%20research&cg2=resources&cd2=Pageview&cd3=1696519427053.u12rjjkb&cd4=2023-10-05T23%3A23%3A47.53%2B08%3A00&cd5=&cd15=alex%20berry%2C%20josh%20homan%2C%20randi%20eitzman&cd16=may%2023%2C%202017&cd24=unknown&gcs=G111&cd1=434456925.1696519427&z=1877658204

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::71 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 15:23:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandiant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
347 B 14ms
4ms XHR
text/plain 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-203244293-1&cid=434456925.1696519427&jid=648299655&gjid=1958445234&_gid=1418573454.1696519427&_u=YGBAgEABAAAAAGAEK~&z=1836709246

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 05 Oct 2023 15:23:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandiant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
255 B 17ms
4ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-X6642ZTDJ7&gtm=45je3a20&_p=526566564&_gaz=1&gcs=G111&cid=434456925.1696519427&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1696519427&sct=1&seg=0&dl=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&dt=WannaCry%20Malware%20Profile%20%7C%20Mandiant&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 15:23:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandiant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 7ms
4ms Ping
text/plain 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-X6642ZTDJ7&cid=434456925.1696519427&gtm=45je3a20&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 15:23:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandiant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
408 B 21ms
9ms Image
image/gif 2404:6800:4003:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-X6642ZTDJ7&cid=434456925.1696519427&gtm=45je3a20&aip=1&z=525863036

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 15:23:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 6ms
6ms Script
application/x-javascript 23.50.91.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.91.74 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-50-91-74.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Thu, 05 Oct 2023 15:23:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Sat, 13 Jan 2024 15:23:47 GMT

GET
H2 204 5870833.js Show response
bat.bing.com/p/action/ 0
117 B 40ms
40ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5870833.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 05 Oct 2023 15:23:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AD0FE8DD6729455DA00FA1C252D808BF Ref B: SIN30EDGE0107 Ref C: 2023-10-05T15:23:47Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
362 B 38ms
38ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5870833&tm=gtm002&Ver=2&mid=f4fe8776-164b-4560-9b8d-82ef5cf5b943&sid=2da0f3c0639311eeaac0678665f571dc&vid=2da108c0639311eeab04652ef803508c&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=WannaCry%20Malware%20Profile%20%7C%20Mandiant&p=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&r=&lt=3988&evt=pageLoad&sv=1&rn=918540

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 05 Oct 2023 15:23:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C77B71FF9193452F802777B9E9C98A4B Ref B: SIN30EDGE0107 Ref C: 2023-10-05T15:23:47Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 r Show response
scout.salesloft.com/ 41 B
358 B 824ms
238ms XHR
application/json 54.147.237.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDUwMDl9.GHpZgHyRyFl9iN7anlcbMbmW3chPCQZrSX98AJ7UjM8

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.237.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-237-138.compute-1.amazonaws.com

Software

Resource Hash

1cfea949b0b2925d27b84d56d18f2ea1c6b948fdf3ae95c534a14706043da178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mandiant.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: 610f6c9d6f44bbb3de59eccc2aaaeeba

POST
H/1.1 200
OK visitWebPage
565-pei-952.mktoresp.com/webevents/ 2 B
318 B 1621ms
248ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://565-pei-952.mktoresp.com/webevents/visitWebPage?_mchNc=1696519427208&_mchCn=&_mchId=565-PEI-952&_mchTk=_mch-mandiant.com-1696519427207-91491&_mchHo=www.mandiant.com&_mchPo=&_mchRu=%2Fresources%2Fblog%2Fwannacry-malware-profile&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Thu, 05 Oct 2023 15:23:48 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 013d0b02-9e6f-4cc1-a43a-8a406f084c1f

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 40ms
39ms Script
application/x-javascript 2403:e800:e80b::2a63:8cc0
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2403:e800:e80b::2a63:8cc0 , Hong Kong, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=58763
accept-ranges: bytes
content-length: 4862

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3460746/domain/mandiant.com/ 36 B
388 B 17ms
5ms XHR
application/json 2600:9000:20c7:800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3460746/domain/mandiant.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c7:800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.mandiant.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 00:28:00 GMT
content-encoding: gzip
via: 1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 312947
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=86400
x-amz-cf-id: LdSQrX_moyhAXPIupmJhkUi7ToQctmcTFf1gYZXMgHSdMRICgxJEVw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1696519427269&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1696519427269&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3460746%26time%3D1696519427269%26url%3Dhttps%253A%252F%252Fwww.mandiant.com%252Fr...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1696519427269&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1696519427269&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&cookiesTest=true&liSync=true&e_ipv6=A...

0
490 B

268ms
253ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1696519427269&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&cookiesTest=true&liSync=true&e_ipv6=AQLs9yDwK7XFnwAAAYsAcBkCaoGHBgijIb4WFvSxiiSpdkoBam2iV5mhmbRuYtgfsIa2FI9GsfU
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:48 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 58AC17A3495841E8B18066C572FD5276 Ref B: SIN30EDGE0708 Ref C: 2023-10-05T15:23:48Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYG+bXlsNeK+tKZa5lukQ==

Redirect headers

date: Thu, 05 Oct 2023 15:23:47 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: AB6313B8CEDC4427849D89600EF10F94 Ref B: SIN30EDGE0508 Ref C: 2023-10-05T15:23:48Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1696519427269&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&cookiesTest=true&liSync=true&e_ipv6=AQLs9yDwK7XFnwAAAYsAcBkCaoGHBgijIb4WFvSxiiSpdkoBam2iV5mhmbRuYtgfsIa2FI9GsfU
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYG+bXhX0CPQ1dE6oOW/A==

GET
H2 200 adsct
t.co/i/ 43 B
376 B 181ms
164ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=540f5562-a5d6-490e-a507-44b807e3a623&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=637d836e-3ab1-406e-be2c-29b768b6b8a9&tw_document_href=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5b0k&type=javascript&version=2.3.29

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_k /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-response-time: 161
date: Thu, 05 Oct 2023 15:23:46 GMT
strict-transport-security: max-age=0
server: tsa_k
content-type: image/gif;charset=utf-8
x-transaction-id: eac464e226a2dbf5
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: e1944ec23f714ad9761fae0860063b8a7c287523a13eb383dfff32b7abf78bf4
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 186ms
167ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=540f5562-a5d6-490e-a507-44b807e3a623&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=637d836e-3ab1-406e-be2c-29b768b6b8a9&tw_document_href=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5b0k&type=javascript&version=2.3.29

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_k /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-response-time: 164
date: Thu, 05 Oct 2023 15:23:46 GMT
strict-transport-security: max-age=631138519
server: tsa_k
content-type: image/gif;charset=utf-8
x-transaction-id: a991457a82b5f04d
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: cb1771b31e34a36182a6656e8b4f725b890b120e000fba00c92387e3625567b5
content-length: 43

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4633 58 KB
33 KB 28ms
27ms Document
text/html 2404:6800:4003:c04::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=zh-CN&v=lLirU0na9roYU3wDDisGJEVT&size=normal&cb=m2tlt9v1usag

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__zh_cn.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::69 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4868fb418ed15fe9cbe00b583280602038255249b87d57451dc85423fb70dd56

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bX4nZeB1WBNGQWELPBFyZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandiant.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bX4nZeB1WBNGQWELPBFyZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 15:23:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 5925 58 KB
33 KB 31ms
30ms Document
text/html 2404:6800:4003:c04::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__zh_cn.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::69 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e9164fa02a9e2e7724c86353962c2eb47eb883098ef3f9a6499025f8288a7775

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jJL46G4NjYtSmqzFXB11Cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandiant.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-jJL46G4NjYtSmqzFXB11Cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 15:23:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 14ms
3ms Image
text/plain 2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=880805232811859&ev=PageView&dl=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&rl=&if=false&ts=1696519427387&sw=1600&sh=1200&v=2.9.132&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=29&fbp=fb.1.1696519427386.970176406&ler=empty&it=1696519427094&coo=false&tm=1&exp=a1&rqm=GET

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 05 Oct 2023 15:23:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 4633 55 KB
24 KB 7ms
7ms Stylesheet
text/css 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=zh-CN&v=lLirU0na9roYU3wDDisGJEVT&size=normal&cb=m2tlt9v1usag

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:19:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 16:19:42 GMT

GET
H3 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 4633 471 KB
187 KB 8ms
7ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__zh_cn.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

794a36a289f192da3683b7def57ee9e730924144a65bbe6a3b5173d22b3eab9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 18:15:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191855
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 18:15:41 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 5925 55 KB
24 KB 6ms
5ms Stylesheet
text/css 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:19:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 16:19:42 GMT

GET
H3 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 5925 471 KB
187 KB 12ms
8ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__zh_cn.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

794a36a289f192da3683b7def57ee9e730924144a65bbe6a3b5173d22b3eab9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 18:15:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191855
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 18:15:41 GMT

GET
H2 200 modules.d8412042101ac94cb463.js Show response
script.hotjar.com/ 225 KB
55 KB 23ms
5ms Script
application/javascript 18.155.68.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d8412042101ac94cb463.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3008912.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.155.68.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-155-68-96.sin52.r.cloudfront.net

Software

Resource Hash

2d66d0e2862fe3da3ea704b05d4e27749c9baa299efb1c965fc82e2400a37ed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:14:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 aba54ee40a6f532537cf0e291656e002.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
age: 7780
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55985
last-modified: Thu, 05 Oct 2023 13:13:15 GMT
etag: "fd4002be04b4192cce814fc4784db648"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: AI-r8-_EstCHj1siEWncic-qRIJdI7gh0_dTb5Ads5pm6rJ9tY3LAw==

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 4633 105 B
138 B 9ms
8ms Other
text/javascript 2404:6800:4003:c04::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=zh-CN&v=lLirU0na9roYU3wDDisGJEVT

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::69 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

42216c02f74e07e76b608ef4f7224c4b8c659bb561dbe971cb2ce85cd71542b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=zh-CN&v=lLirU0na9roYU3wDDisGJEVT&size=normal&cb=m2tlt9v1usag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 05 Oct 2023 15:23:47 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 5925 105 B
138 B 9ms
9ms Other
text/javascript 2404:6800:4003:c04::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=zh-CN&v=lLirU0na9roYU3wDDisGJEVT

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::69 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

42216c02f74e07e76b608ef4f7224c4b8c659bb561dbe971cb2ce85cd71542b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=zh-CN&v=lLirU0na9roYU3wDDisGJEVT&size=compact&cb=kjm0471dwqwm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 05 Oct 2023 15:23:47 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame E12E 7 KB
1 KB 10ms
10ms Document
text/html 2404:6800:4003:c04::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=lLirU0na9roYU3wDDisGJEVT&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__zh_cn.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::69 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8a283297ca1b7e7e93ce6c198bb4e0b64b098802df74ef4701575a994d9e162f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Xg0tJH__AWI7CuQGTMvr5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandiant.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Xg0tJH__AWI7CuQGTMvr5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 15:23:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 2E4C 7 KB
1 KB 14ms
14ms Document
text/html 2404:6800:4003:c04::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=lLirU0na9roYU3wDDisGJEVT&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__zh_cn.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::69 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d50400b800c00c14131c4fb1359b9301c37d932758f81b302c03569484c87365

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Y5H3iwedx5SpzpDMnjHY3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandiant.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Y5H3iwedx5SpzpDMnjHY3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 15:23:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame E12E 55 KB
24 KB 4ms
4ms Stylesheet
text/css 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=lLirU0na9roYU3wDDisGJEVT&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:19:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 16:19:42 GMT

GET
H3 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame E12E 471 KB
187 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__zh_cn.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=lLirU0na9roYU3wDDisGJEVT&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

794a36a289f192da3683b7def57ee9e730924144a65bbe6a3b5173d22b3eab9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 18:15:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191855
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 18:15:41 GMT

GET
H2 200 i Show response
scout.salesloft.com/ 48 B
466 B 240ms
236ms XHR
application/json 54.147.237.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/i

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.147.237.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-237-138.compute-1.amazonaws.com

Software

Resource Hash

4c9d70e8b3fc7cfb7439be0242655e159bc81ddf4e17bb3e6aebfca3df0efc7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mandiant.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: b951cb13d0aa0b6b47a9d9fb47c7eb73

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 2E4C 55 KB
24 KB 4ms
4ms Stylesheet
text/css 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=lLirU0na9roYU3wDDisGJEVT&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:19:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 16:19:42 GMT

GET
H3 200 recaptcha__zh_cn.js Show response
www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/ Frame 2E4C 471 KB
187 KB 6ms
6ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lLirU0na9roYU3wDDisGJEVT/recaptcha__zh_cn.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=lLirU0na9roYU3wDDisGJEVT&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

794a36a289f192da3683b7def57ee9e730924144a65bbe6a3b5173d22b3eab9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 18:15:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191855
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 04:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 18:15:41 GMT

GET
H2 200 nr-rum-1.242.0.min.js Show response
js-agent.newrelic.com/ 44 KB
16 KB 26ms
3ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-rum-1.242.0.min.js

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

467942d7490565f9eeffb703101620ee5a56c38f57312919d5a74cab073779eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: ZbbGSpfDbusF6mSs7Sl2uV56L034ouIe
content-encoding: br
via: 1.1 varnish
date: Thu, 05 Oct 2023 15:23:48 GMT
strict-transport-security: max-age=300
x-amz-request-id: ZFM3R804P6WNB9C5
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15733
x-amz-id-2: SLmDecMQU/5p3ikAQnnONxG6AeQiVmklSVVm7S67u6Sb8BmtRBGGeNiPUuymCxsJj33/ujQr0fo=
x-served-by: cache-qpg1223-QPG
last-modified: Tue, 26 Sep 2023 03:02:38 GMT
server: AmazonS3
x-timer: S1696519429.769596,VS0,VE0
etag: "7443b88e37d38843fd5e2ddf0fdc5d9e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2010

GET
H2 200 6si.min.js Show response
j.6sc.co/ 51 KB
15 KB 25ms
4ms Script
application/javascript 96.17.96.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/blog/wannacry-malware-profile

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.96.31 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a96-17-96-31.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

3ac0c589d242920586289eabdd93bf71f3d85bb1c6c8333d3e2deb4e173b61a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 15:23:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Aug 2023 22:29:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "64e7d9dd-cc38"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 14993
expires: Thu, 05 Oct 2023 15:23:48 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 4ms
4ms Image
image/gif 2404:6800:4003:c1c::71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=526566564&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&ul=en-us&de=UTF-8&dt=WannaCry%20Malware%20Profile%20%7C%20Mandiant&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Resource%20Type&ea=threat%20research&el=null&_u=aGDAgEABAAAAAGAEK~&jid=&gjid=&cid=434456925.1696519427&tid=UA-203244293-1&_gid=1418573454.1696519427&gtm=45He3a20n81T72STLD&cg1=threat%20research&cg2=resources&cd3=1696519428749.j5hi2y5r&cd4=2023-10-05T23%3A23%3A48.749%2B08%3A00&cd5=&cd15=alex%20berry%2C%20josh%20homan%2C%20randi%20eitzman&cd16=may%2023%2C%202017&cd24=unknown&gcs=G111&cd1=434456925.1696519427&z=1387140378

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::71 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 08:34:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24539
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK NRJS-890ead692fb1e944fb6 Show response
bam.nr-data.net/1/ 40 B
398 B 1314ms
1271ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-890ead692fb1e944fb6?a=1404479750&v=1.242.0&to=YlRVYERZV0ZSWhINX1sedldCUVZbHH0UEUBUXWtaWVxcaXBWCBBCWl1bUURkd1pXXDANVUJyWFpCSlZZX1wUSQ5DWFJD&rst=5937&ck=0&s=1a0caf57002ee44b&ref=https://www.mandiant.com/resources/blog/wannacry-malware-profile&qt=4&ap=724&be=1622&fe=4271&dc=2366&at=ThNWFgxDREg%3D&perf=%7B%22timing%22:%7B%22of%22:1696519422852,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:10,%22c%22:10,%22s%22:13,%22ce%22:23,%22rq%22:23,%22rp%22:1622,%22rpe%22:1629,%22di%22:3982,%22ds%22:3983,%22de%22:3988,%22dc%22:5890,%22l%22:5891,%22le%22:5893%7D,%22navigation%22:%7B%7D%7D&fp=2901&fcp=2901
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.242.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ed59ee4d04819c48c1bb60b3ef6928c621cd5cd86d7103957de3eebba9910b0d

Request headers

Referer: https://www.mandiant.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 05 Oct 2023 15:23:49 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.mandiant.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-qpg1264-QPG

GET
H2 200 / Show response
c.6sc.co/ 7 B
194 B 10ms
4ms XHR
text/html 96.17.96.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.17.96.31 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a96-17-96-31.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:48 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.mandiant.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 22 B
314 B 121ms
4ms XHR
text/html 2600:1413:b000:6::17d5:2bc6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1413:b000:6::17d5:2bc6 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 57325772741009e1bd7f33164fc7e0d086825d727e9bbd90ae7320fb140e90c2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 15:23:48 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.mandiant.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2001:df1:800:a004:1::4
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1696519428907_398551238_1304140106_34_738_2_9_219";dur=1
content-length: 22
expires: Thu, 05 Oct 2023 15:23:48 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 682ms
673ms Image
image/gif 96.17.96.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=627b22264f359a2be8e661bd05849ae6&svisitor=null&visitor=c2b3b17c-69f0-4df0-8e86-46f781d9c80a&session=77dda419-7ff0-47e4-8c08-ac9ede9fc0f7&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2005%20Oct%202023%2015%3A23%3A48%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2005%20Oct%202023%2015%3A23%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22627b22264f359a2be8e661bd05849ae6%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2005%20Oct%202023%2015%3A23%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2005%20Oct%202023%2015%3A23%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2005%20Oct%202023%2015%3A23%3A48%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22WannaCry%20Malware%20Profile%20%7C%20Mandiant%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&pageViewId=4b80c8b5-53e9-4c28-8759-46da7c097b60&v=1.1.6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.96.31 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a96-17-96-31.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:49 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 568ms
568ms Image
image/gif 96.17.96.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=627b22264f359a2be8e661bd05849ae6&svisitor=null&visitor=c2b3b17c-69f0-4df0-8e86-46f781d9c80a&session=77dda419-7ff0-47e4-8c08-ac9ede9fc0f7&event=ipv6&q=%7B%22address%22%3A%222001%3Adf1%3A800%3Aa004%3A1%3A%3A4%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22WannaCry%20Malware%20Profile%20%7C%20Mandiant%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&pageViewId=4b80c8b5-53e9-4c28-8759-46da7c097b60&v=1.1.6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.96.31 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a96-17-96-31.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:49 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 454ms
454ms Image
image/gif 96.17.96.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.96.31 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a96-17-96-31.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:50 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 660ms
660ms Image
image/gif 96.17.96.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.96.31 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a96-17-96-31.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:51 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 583ms
583ms Image
image/gif 96.17.96.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.96.31 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a96-17-96-31.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:52 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 545ms
545ms Image
image/gif 96.17.96.31
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.96.31 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a96-17-96-31.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:23:53 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 5ms
5ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-X6642ZTDJ7&gtm=45je3a20&_p=526566564&gcs=G111&cid=434456925.1696519427&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=2&sid=1696519427&sct=1&seg=0&dl=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Fblog%2Fwannacry-malware-profile&dt=WannaCry%20Malware%20Profile%20%7C%20Mandiant&en=resource_view&ep.resource_type=threat%20research&ep.resource_date=may%2023%2C%202017&ep.resource_title=WannaCry%20Malware%20Profile%20%7C%20Mandiant&ep.resource_topic=null&ep.resource_author=alex%20berry%2C%20josh%20homan%2C%20randi%20eitzman&_et=1608
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 15:23:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandiant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mandiant.com/	1970-01-20 15:15:21	Name: __cf_bm Value: 5KpDiWJtIEuG1g7ybGgEZrCS8Ar8HHx3dyDCa2oQmf0-1696519424-0-AX4N4DTt9ETnrRA9VXpJGMpguVVxedRV/VLeaiyZLnv80el+IzzfkYR4xDltvEmnZSqtT7vP41wLZZOMtgDnUCE=
.mandiant.com/	1970-01-20 17:24:55	Name: _gcl_au Value: 1.1.1673439808.1696519427
.doubleclick.net/	1970-01-20 15:15:20	Name: test_cookie Value: CheckForPermission
.mandiant.com/	1970-01-20 15:16:45	Name: _gid Value: GA1.2.1418573454.1696519427
.mandiant.com/	1970-01-20 15:15:19	Name: _dc_gtm_UA-203244293-1 Value: 1
.mandiant.com/	1970-01-20 15:16:45	Name: _uetsid Value: 2da0f3c0639311eeaac0678665f571dc
.mandiant.com/	1970-01-21 00:36:55	Name: _uetvid Value: 2da108c0639311eeab04652ef803508c
.mandiant.com/	1970-01-21 00:51:19	Name: _mkto_trk Value: id:565-PEI-952&token:_mch-mandiant.com-1696519427207-91491
.bing.com/	1970-01-21 00:36:55	Name: MUID Value: 0144DB1656BA6A9E2BF7C8B757BB6B7C
.bat.bing.com/	1970-01-20 15:25:24	Name: MR Value: 0
www.mandiant.com/	1970-01-20 15:16:45	Name: ln_or Value: eyIzNDYwNzQ2IjoiZCJ9
.mandiant.com/	1970-01-20 17:24:55	Name: _fbp Value: fb.1.1696519427386.970176406
.t.co/	1970-01-21 00:51:19	Name: muc_ads Value: 2b29e7c1-85cd-4c02-bf6c-db3271d4eebe
.twitter.com/	1970-01-21 00:51:19	Name: personalization_id Value: "v1_/BIIulHp6sdZM+g6lcyk7Q=="
.linkedin.com/	1970-01-20 17:24:55	Name: li_sugr Value: 7ced3f99-068c-4d10-92c2-21f1fd410bbd
.linkedin.com/	1970-01-21 00:00:55	Name: bcookie Value: "v=2&d099e55d-ffce-4c9f-8395-b51cb93498fb"
.linkedin.com/	1970-01-20 15:16:45	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2759:u=1:x=1:i=1696519427:t=1696605827:v=2:sig=AQFeBToWpSZlnvqx_UAv6SGAcR5SYEPa"
.mandiant.com/	1970-01-21 00:00:55	Name: _hjSessionUser_3008912 Value: eyJpZCI6IjQ2NGI0NDE5LTU0ODMtNWFjNC04NGRmLTRiNTkwYjlmYzk1ZCIsImNyZWF0ZWQiOjE2OTY1MTk0Mjc2ODMsImV4aXN0aW5nIjpmYWxzZX0=
.mandiant.com/	1970-01-20 15:15:21	Name: _hjFirstSeen Value: 1
.mandiant.com/	1970-01-20 15:15:19	Name: _hjIncludedInSessionSample_3008912 Value: 0
.mandiant.com/	1970-01-20 15:15:21	Name: _hjSession_3008912 Value: eyJpZCI6IjBhNWQ1M2Q5LTBmMzgtNDBhMC04MjIzLWIxOTU0NmUwZDhiNyIsImNyZWF0ZWQiOjE2OTY1MTk0Mjc2ODMsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.mandiant.com/	1970-01-20 15:15:21	Name: _hjAbsoluteSessionInProgress Value: 0
.linkedin.com/	1970-01-20 15:58:31	Name: UserMatchHistory Value: AQKWPL_eHzAe3QAAAYsAcBa2oMYjDL21A86xx91t1JB97B7XIzkMqzRcj1vV9WOkBmhNj7jyhlVumA
.linkedin.com/	1970-01-20 15:58:31	Name: AnalyticsSyncHistory Value: AQLPZgfvJbl6lQAAAYsAcBa2uVbyZUhZoaQlWDxmmq5JaWjebwARiurIFDFSa47nuYgGzIZi0LefpQnvgI5-ZA
www.mandiant.com/	1970-01-20 15:25:24	Name: slireg Value: https://scout.us3.salesloft.com
.www.linkedin.com/	1970-01-21 00:00:55	Name: bscookie Value: "v=1&20231005152348254fc462-e8e0-42a4-81eb-0e2827e12158AQG2VsI30-j3361ydtG2zl3qzv31UQlc"
www.mandiant.com/	1970-01-21 00:00:55	Name: sliguid Value: 6c58438f-ae06-4d78-bacb-c604ca2dfb85
www.mandiant.com/	1970-01-21 00:00:55	Name: slirequested Value: true
.mandiant.com/	1970-01-21 00:51:19	Name: _ga Value: GA1.2.434456925.1696519427
.mandiant.com/	1970-01-21 00:51:19	Name: _ga_X6642ZTDJ7 Value: GS1.1.1696519427.1.0.1696519428.59.0.0
www.mandiant.com/	1970-01-21 00:51:19	Name: _gd_visitor Value: c2b3b17c-69f0-4df0-8e86-46f781d9c80a
www.mandiant.com/	1970-01-20 15:15:33	Name: _gd_session Value: 77dda419-7ff0-47e4-8c08-ac9ede9fc0f7
.6sc.co/	1970-01-21 00:51:19	Name: 6suuid Value: 1f154b17be18300005d51e65e601000052d03000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

565-pei-952.mktoresp.com
analytics.google.com
analytics.twitter.com
b.6sc.co
bam.nr-data.net
bat.bing.com
c.6sc.co
cdn.linkedin.oribi.io
cdn4.iconfinder.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
googleads.g.doubleclick.net
ipv6.6sc.co
j.6sc.co
js-agent.newrelic.com
munchkin.marketo.net
px.ads.linkedin.com
px4.ads.linkedin.com
scout-cdn.salesloft.com
scout.salesloft.com
script.hotjar.com
snap.licdn.com
static.addtoany.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.sg
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.mandiant.com
104.244.42.197
104.244.42.67
13.107.42.14
13.224.250.18
151.101.108.157
151.101.2.137
162.247.243.29
18.155.68.96
192.28.144.124
2001:4860:4802:36::181
23.50.91.74
2403:e800:e80b::2a63:8cc0
2404:6800:4003:c01::5e
2404:6800:4003:c02::9c
2404:6800:4003:c04::5e
2404:6800:4003:c04::61
2404:6800:4003:c04::69
2404:6800:4003:c04::9a
2404:6800:4003:c05::5f
2404:6800:4003:c1c::71
2600:1413:b000:6::17d5:2bc6
2600:9000:20c7:800:2:53b2:240:93a1
2606:4700:10::ac43:2794
2606:4700:300b::a29f:f17d
2606:4700::6811:180e
2606:4700::6811:4341
2606:4700:e6::ac40:cb0b
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f00c:300:face:b00c:0:3
2a03:2880:f10c:381:face:b00c:0:25de
54.147.237.138
96.17.96.31
0b617a1a9d405a304eae1f3337639a1be619633a047ccac0a61d70cf2d2032e4
0d1049d86e454e70f1d3e650f3ec7dc009ebef2f7ec2e9f44b74cb290ed9e4d6
0f2e61cd1a10aebb0eae1a2f6914784a4d9be90a46b1c67700311d0f66d3e379
127751f53600e1d5e2aabd86078efc6e9933104792401d13ba8f54bf278e9be5
1bb508d41bf1d0c5d56340c7df789b6589350a5f967e1fa937bee5c148d0cb0d
1cfea949b0b2925d27b84d56d18f2ea1c6b948fdf3ae95c534a14706043da178
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d5e5ce7eff2e417f3a3de1b61fb564712a14571393164dc4146dd94c99b95ba
201492c149f68b701455a2d046549a318a76ed5bca4ab13ebd913dbd14710246
20900525090b613095321f17eef4de3803f98dd8b301ff97a972b1b3b073728e
22d544d04a6282b544aa3fbc8e024e41f00902673fe34f774092c02d4e7d6712
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
2d66d0e2862fe3da3ea704b05d4e27749c9baa299efb1c965fc82e2400a37ed6
2f76ce833f021609c95e4f7aa037a19cfb33bcfe5dd6e25ead5b6fb61add6050
34e89fde702aa592d82afbb8d98034150cb3a2e6bd67a922af1edd106cf87fe8
369564d916b5510b303fd6a5fa4d1a6c722e92da8b0657ce42f59c6e7d50f4b1
3ac0c589d242920586289eabdd93bf71f3d85bb1c6c8333d3e2deb4e173b61a4
3cd300abe64782f79ed606e66ec87dff9df73e71774570ae95693f258fcff365
42216c02f74e07e76b608ef4f7224c4b8c659bb561dbe971cb2ce85cd71542b0
467942d7490565f9eeffb703101620ee5a56c38f57312919d5a74cab073779eb
4868fb418ed15fe9cbe00b583280602038255249b87d57451dc85423fb70dd56
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
4c9d70e8b3fc7cfb7439be0242655e159bc81ddf4e17bb3e6aebfca3df0efc7c
4ec4c07fa6575aecd81e6087d091d41a69e45a89b29ee147db3f09323e6f5638
51e6d23e4a97f15652c1709f999062fcced9990b5090dde0d22b869247ea0869
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57325772741009e1bd7f33164fc7e0d086825d727e9bbd90ae7320fb140e90c2
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5ad73868410cff1f60dba2e6425cec69e621be852b1e89e28339a5c857ba6ea0
640f2bf8138db0c5d698fb37b044d7788afdf119737a76ae2ccca2710f6c2244
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9c3158d7700a96a2fc4de59adc0c4724338c900d14b9447653c52d50df1621
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
794a36a289f192da3683b7def57ee9e730924144a65bbe6a3b5173d22b3eab9b
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b7eb2b28fbf8ad29058540ee28e8b49701e0e47351ff25d3b688fcef9b2a88a
7f3c20825909bb222fd8ec5db0a985fb397c20a97d8362858ccfffb576e13a77
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834cda0be10787417a47240202b776751235b6d14521976d11fbf5734333c3f1
860f45e645e33a50a9a34186d5c0558df4198829fe98679a4a6e1e754fca1aeb
887dea1b760d630afcbae650e3259dc18ef1a7fe3137ab715a56005a69f921b0
8a283297ca1b7e7e93ce6c198bb4e0b64b098802df74ef4701575a994d9e162f
921fbb814b7230690438275f49488ea721567be50a54efdd194e52bc5058d803
943fd20cc1415adb436d84b5c33b49c9873ae1241df51b2507284bcfc19203db
9ca72eec4efadc4587d29f2216ccd9cd54309463c74a5a3029b3dca9485f995a
9ec192b1be13b5eb7d11e7c8a0f1466ef236e4ba88182bb4cec76a2c7919464e
9f41b6056bfd2eb59371fabdc40b3970f02458ee463aa92385fe214fb00aebae
a0a1f98fca203b8561519a06bacfdc50e4b3c4a5a71e740da5b0875bd4fc00d6
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
a93f576b64cd12b48926072b894285e0e986305488d148a0c1a74f140c159cb5
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b2cb383a30bee467e40ecebb49e4229b1b57efcc2c7632c921cd170a75c74d24
baddb6f977794681f1601eb4652e2b98732b996ef8a01d3cd6040d197e1fb586
bf204863b72594d7da599f0ad2cfb43573b91d2ef348983d8890f64ba9858d1e
bfbe371e7fdd00e9b41aba6aebe972230f66d4231e220e9547a9ebac808fe25a
c57a249aa494671298ccf0f4e34804f904d1844f52b8bfec1a60b47906ec52fb
c6923ec152fa558d800877bc4a71aabdb888c57238f66a122351dccd52f6c3dc
c82aa23b61483cc87f28ec6c4492a28c46dcb38bf471fd4a6ca40984ee6fb59e
ce56dc3783735b873af61135d410e3ccec9dfd565a5961fd707e85d1d6b654af
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfbbb6a8bb9482b6bddbba133d70d9ac28fea886ede20ecdaf3110d5c70dba6c
d50400b800c00c14131c4fb1359b9301c37d932758f81b302c03569484c87365
db8889219047b9dab1299759fc44d56af45ee4e683961df1d54d1f0ef783690a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfaed587b938cc953c5008f257ed1e661e9d2e2f907bd5b520fc4b9348985a88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c4f02f1f6a5e491336064c0d0bdcd6914d5794a431a359c1f684cec8ed77f7
e9164fa02a9e2e7724c86353962c2eb47eb883098ef3f9a6499025f8288a7775
eaa35318f1677afe48e000781847cca85bb7f87e3b0e7b7fc42674e278ccf03b
ed59ee4d04819c48c1bb60b3ef6928c621cd5cd86d7103957de3eebba9910b0d
ee8f374db7134ee88f3bd1f79ba5775c50f4a79b33582530be0b661c1506b931
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16edf69b3b38abc839a83da5041cb4b2ed08b54017faa471b4e2da1cc8393c1
f269cafacd48c650b7c76973b7192a4593125d9b957bfa3b57a89e835ec0df1f
f7d03fc316ecd0f06898ba04909c727d311650c24f53bf0c45083a82ae83cb1d
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fa56ee1544dee5ed44943cac1bf689538256137babd0083fe7a212b8c5b286e1
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe3bfdac05de97234a1a81c7f09c87f14708cf7bd9a341a63e68613c3c6e40d6
ff46ab88d5fe2880ee24e0a56c4f423096ea4eb7b80e0fc8032319e26b5a002b

www.mandiant.com Open in urlscan Pro 2606:4700:300b::a29f:f17d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

106 Requests

98 %HTTPS

64 %IPv6

27 Domains

36 Subdomains

32 IPs

4 Countries

3709 kBTransfer

7624 kBSize

33 Cookies

15 Outgoing links

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.mandiant.com Open in urlscan Pro
2606:4700:300b::a29f:f17d Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

98 %
HTTPS

64 %
IPv6

27
Domains

36
Subdomains

32
IPs

4
Countries

3709 kB
Transfer

7624 kB
Size

33
Cookies

106 HTTP transactions
0 data transactions