connect.mandiant.com Open in urlscan Pro
2a02:26f0:6c00::210:ba28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://connect.mandiant.com/sled/home/m-trends-2022-report-insights-into-todays-top-cyber-trends-and-attacks%E2%80%8B%E2%80%...
Effective URL:
https://connect.mandiant.com/sled
Submission: On April 22 via manual (April 22nd 2022, 3:16:23 pm UTC) from US — Scanned from DE

Summary HTTP 67 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 14 domains to perform 67 HTTP transactions. The main IP is 2a02:26f0:6c00::210:ba28, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is connect.mandiant.com.
TLS certificate: Issued by R3 on March 27th 2022. Valid for: 3 months.

This is the only time connect.mandiant.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba28	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::282	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	192.158.224.59 192.158.224.59	397423 (TIER-NET) (TIER-NET)
8	96.16.137.162 96.16.137.162	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	54.88.152.191 54.88.152.191	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.19.155.47 52.19.155.47	16509 (AMAZON-02) (AMAZON-02)
2	3.209.172.72 3.209.172.72	14618 (AMAZON-AES) (AMAZON-AES)
1	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
11	2a04:4e42:200... 2a04:4e42:200::614	54113 (FASTLY) (FASTLY)
2	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
67	18

22 2a02:26f0:6c00::210:ba28 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

connect.mandiant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.folloze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.158.224.59 (Charlotte, United States)

ASN397423 (TIER-NET, US)
PTR: intimeclick.com

ipsec.folloze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fn.us.ipsec.folloze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 96.16.137.162 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-137-162.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

v2.listenloop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.88.152.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-152-191.compute-1.amazonaws.com

abm2.listenloop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.155.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-155-47.eu-west-1.compute.amazonaws.com

segment.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.209.172.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-172-72.compute-1.amazonaws.com

folloze-pingy.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a04:4e42:200::614 (United States)

ASN54113 (FASTLY, US)

images.folloze.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	folloze.com cdn.folloze.com — Cisco Umbrella Rank: 586005 ipsec.folloze.com — Cisco Umbrella Rank: 626141 fn.us.ipsec.folloze.com — Cisco Umbrella Rank: 648536 images.folloze.com — Cisco Umbrella Rank: 637034	1 MB
14	mandiant.com 1 redirects connect.mandiant.com	32 KB
8	6sc.co j.6sc.co — Cisco Umbrella Rank: 6651 c.6sc.co — Cisco Umbrella Rank: 10113 b.6sc.co — Cisco Umbrella Rank: 4627	14 KB
6	gstatic.com fonts.gstatic.com	122 KB
4	listenloop.com v2.listenloop.com — Cisco Umbrella Rank: 41747 abm2.listenloop.com — Cisco Umbrella Rank: 41187	68 KB
2	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 314	2 KB
2	herokuapp.com folloze-pingy.herokuapp.com — Cisco Umbrella Rank: 433650	560 B
2	bidr.io 1 redirects segment.prod.bidr.io — Cisco Umbrella Rank: 9175	1 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 271 fonts.googleapis.com — Cisco Umbrella Rank: 39	8 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 864	32 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 344	18 KB
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 394	700 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 437	2 KB
1	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 2175	450 B
67	14

	Domain	Requested by
14	connect.mandiant.com	1 redirects connect.mandiant.com
11	images.folloze.com
8	cdn.folloze.com	connect.mandiant.com cdn.folloze.com
6	b.6sc.co
6	fonts.gstatic.com	fonts.googleapis.com
3	abm2.listenloop.com	connect.mandiant.com
2	bam-cell.nr-data.net	connect.mandiant.com
2	folloze-pingy.herokuapp.com	connect.mandiant.com
2	fn.us.ipsec.folloze.com	connect.mandiant.com
2	segment.prod.bidr.io	1 redirects connect.mandiant.com
2	unpkg.com	1 redirects connect.mandiant.com
1	js-agent.newrelic.com	connect.mandiant.com
1	c.6sc.co	connect.mandiant.com
1	secure.adnxs.com	connect.mandiant.com
1	fonts.googleapis.com	connect.mandiant.com
1	ajax.googleapis.com	connect.mandiant.com
1	v2.listenloop.com	connect.mandiant.com
1	j.6sc.co	connect.mandiant.com
1	ipsec.folloze.com	connect.mandiant.com
1	cdn.jsdelivr.net	connect.mandiant.com
1	cdn.polyfill.io	connect.mandiant.com
67	21

This site contains links to these domains. Also see Links.

Domain
www.mandiant.com

Subject Issuer	Validity	Valid
connect.mandiant.com R3	`2022-03-27` - `2022-06-25`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
app.folloze.com R3	`2022-02-20` - `2022-05-21`	3 months	crt.sh
ipsec.folloze.com R3	`2022-02-24` - `2022-05-25`	3 months	crt.sh
*.6sc.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-08` - `2023-03-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.listenloop.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-06-17`	a year	crt.sh
fn.us.ipsec.folloze.com R3	`2022-02-24` - `2022-05-25`	3 months	crt.sh
*.herokuapp.com Amazon	`2021-06-01` - `2022-06-30`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
adacpresse-res.cloudinary.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-19` - `2022-05-21`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://connect.mandiant.com/sled
Frame ID: 0A04DE7C81B169E423EEDE98C75245EF
Requests: 65 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Securing State and Local Governments | mandiant.com

Page URL History Show full URLs

https://connect.mandiant.com/sled/home/m-trends-2022-report-insights-into-todays-top-cyber-trends-and-att... HTTP 302
https://connect.mandiant.com/sled Page URL

Detected technologies

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

67
Requests

94 %
HTTPS

53 %
IPv6

14
Domains

21
Subdomains

18
IPs

4
Countries

1391 kB
Transfer

3769 kB
Size

11
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mandiant.com/privacy-and-cookies
Title: Privacy & Cookies Policy

Search URL Search Domain Scan URL

URL: https://www.mandiant.com/terms-and-conditions
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.mandiant.com/compliance
Title: Compliance

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://connect.mandiant.com/sled/home/m-trends-2022-report-insights-into-todays-top-cyber-trends-and-attacks%E2%80%8B%E2%80%8B&c=E,1,-iuMghkNmO6SN07dOdeqZZ0gIgODVz8HidW308KEoNtQEJixyYfQSf5k-QuatZLo9IFwpPL0VNJpsYMWEJRaRQnvgMGlaSWZkjIIDSvwzNTcRg4,&typo=1 HTTP 302
https://connect.mandiant.com/sled Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://unpkg.com/cloudinary-core/cloudinary-core-shrinkwrap.min.js HTTP 302
https://unpkg.com/cloudinary-core@2.12.3/cloudinary-core-shrinkwrap.min.js

Request Chain 24

https://segment.prod.bidr.io/associate-segment?buzz_key=listenloop&segment_key=listenloop-11912&value= HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=listenloop&segment_key=listenloop-11912&value=&_bee_ppp=1

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request sled Show response
connect.mandiant.com/
Redirect Chain

https://connect.mandiant.com/sled/home/m-trends-2022-report-insights-into-todays-top-cyber-trends-and-attacks%E2%80%8B%E2%80%8B&c=E,1,-iuMghkNmO6SN07dOdeqZZ0gIgODVz8HidW308KEoNtQEJixyYfQSf5k-QuatZL...
https://connect.mandiant.com/sled

56 KB
19 KB

722ms
721ms

Document
text/html

2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cowboy /

Resource Hash

bc9b3fe976ba2bf33283a5ee6ed92e1714de57b3791c9c4ae9604dc65d6eb46f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJsZWFkX2lkIjoyMzk4NTYwMywiYm9hcmRfaWQiOjEyODk0M30.0Z8kx2OL8Aocq-Rmr3Atb9fjlmKHQ7xbK7Eb8IIE6ZMxXoU5jCHDmSmXVoJ4On7e341vEA13rJOUqX5JHdhJgJ_CVCL6WoI3FjskPh3R3UrmJRlE_wGejzcfcLDvMJD68kDY-Ay_VTIu3oiQCEu4H68J6uduQgTIrkWKAZ43JUycRfYm6Ls2DJWSFElJSi_L9ne-MLUcM8TiNjPkzDfPfwwF2Q9sAWwwxUdeuzJeN-f1nPpYk5xrsl6Q39hEFhck8cqy04yEUwZa2JC-Li0sOjsObngK3dNPnx2GYM1QmI7D75O8VC1Q3nP1fCGIckYUzRbMrcI7ZgshquPrw8z6_A
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 19128
content-type: text/html; charset=utf-8
date: Fri, 22 Apr 2022 15:16:16 GMT
etag: W/"95eb684864f098ce56c1993bacc628d5"
expires: Fri, 22 Apr 2022 15:16:16 GMT
pragma: no-cache
server: Cowboy
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
x-request-id: f3cb2f30-5046-47f5-a0ad-23f0e7693dc2
x-runtime: 0.278757
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 22 Apr 2022 15:16:15 GMT
expires: Fri, 22 Apr 2022 15:16:15 GMT
location: https://connect.mandiant.com/sled
pragma: no-cache
server: Cowboy
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
x-request-id: 02c3087e-119f-4678-8a91-23cc0c0210fe
x-runtime: 0.032442
x-xss-protection: 1; mode=block

GET
H2

200

cloudinary-core-shrinkwrap.min.js Show response
unpkg.com/cloudinary-core@2.12.3/
Redirect Chain

https://unpkg.com/cloudinary-core/cloudinary-core-shrinkwrap.min.js
https://unpkg.com/cloudinary-core@2.12.3/cloudinary-core-shrinkwrap.min.js

140 KB
31 KB

29ms
29ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/cloudinary-core@2.12.3/cloudinary-core-shrinkwrap.min.js

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e52b5c49da466071af48ecc9fc5345a596fc3bd4e03ccf327cec64beb72c6f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:16 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5556597
fly-request-id: 01FW3ABZ1B0B58Z1CGGYMJ08HK-fra
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"22fc9-OKflYDqTBVhEwRiT5PizQ7Gf7xE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6fff51d2ec52997b-FRA

Redirect headers

date: Fri, 22 Apr 2022 15:16:16 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01G18XGYB5DK1WCGSY729S9M8Z-fra
server: cloudflare
age: 94
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /cloudinary-core@2.12.3/cloudinary-core-shrinkwrap.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6fff51d2cbfa997b-FRA
access-control-allow-origin: *

GET
H2 200 polyfill.js Show response
cdn.polyfill.io/v2/ 222 B
450 B 164ms
28ms Script
text/javascript 2a04:4e42:200::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.polyfill.io/v2/polyfill.js?features=Element.prototype.classList
Requested by: Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:16 GMT
content-encoding: br
last-modified: Mon, 11 Apr 2022 20:27:36 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/100.0.0
server-timing: cache-fra19143, PASS, fastly;desc="Edge time";dur=21
accept-ranges: bytes
content-length: 126

GET
H2 200 focus-visible.min.js Show response
cdn.jsdelivr.net/npm/focus-visible@5.2.0/dist/ 3 KB
2 KB 154ms
17ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/focus-visible@5.2.0/dist/focus-visible.min.js

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6abe5b4a45660d2e1c1a6f439d996d8a69a7a1a472be169c3121ade517b7ab05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2786032
x-jsd-version: 5.2.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19174-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"beb-P2d7bY1J9dMwzvFygjaCFAK0aMA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biHwxMMlChO73Bg%2BLkk4zGjeFsPzh%2FeFJJ%2FVOD9U6CVEJlEuyu4pyBWjKnhe%2F%2F8HoHwF4brGww52F7TAKcxZbhas3ZH21p4kmEG%2Bm0KXHn5WoVRoqKkjsfPunOmtgONIjvzQ%2FrdxMawm1ZImhds%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6fff51d2cc029a1d-FRA

GET
H2 200 1-b6904cf45eac97c4f7ca.css
cdn.folloze.com/assets/ 53 KB
11 KB 163ms
27ms Stylesheet
text/css 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.folloze.com/assets/1-b6904cf45eac97c4f7ca.css

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d597dd68b451a35af7e7f1f310645e93e9f6d0cafd18924ca17adc137a853d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://connect.mandiant.com/
Origin: https://connect.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 12:34:25 GMT
date: Fri, 22 Apr 2022 15:16:16 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
content-length: 10555

GET
H2 200 liveBoard-940afc58e7fe93a5dbe0.css
cdn.folloze.com/assets/ 24 KB
5 KB 154ms
18ms Stylesheet
text/css 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.folloze.com/assets/liveBoard-940afc58e7fe93a5dbe0.css

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a646636a972c54182f938d60876e21a6dd45e1dd86363c735a10cb8f378d7c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://connect.mandiant.com/
Origin: https://connect.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 12:34:25 GMT
date: Fri, 22 Apr 2022 15:16:16 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
content-length: 4670

GET
H/1.1 200
OK learn.js Show response
ipsec.folloze.com/api/*/FnjjOSc9hsghw9pkWf0uXP1rpDW48O8aZp46MNS4PxKjSwUnvb1q0AcDu0dTdABuCNfpumyZKYh3L3I0IVpIxwKH4vr4GZqTsCVAcxrnFPylqrwW6wL7PVgatYsYG1WeqrTMJEHHTAuOwSMSx9tOpuYcEQvJe0PXB55Pis0ifzvYc... 132 KB
132 KB 425ms
186ms Script
application/javascript 192.158.224.59
TIER-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsec.folloze.com/api/*/FnjjOSc9hsghw9pkWf0uXP1rpDW48O8aZp46MNS4PxKjSwUnvb1q0AcDu0dTdABuCNfpumyZKYh3L3I0IVpIxwKH4vr4GZqTsCVAcxrnFPylqrwW6wL7PVgatYsYG1WeqrTMJEHHTAuOwSMSx9tOpuYcEQvJe0PXB55Pis0ifzvYcyxumKxGOrcsNP9QzjoNRZeNs3ytQfAAqwWevylIcDD5vv2rg7DcGoLGiHpokBHfw19Dg8WyhWNu1cOFc2DV/learn.js
Requested by: Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.158.224.59 Charlotte, United States, ASN397423 (TIER-NET, US),
Reverse DNS: intimeclick.com
Software: nginx /
Resource Hash: 9ff1dc09eabf6193391626ecc2e2f56c5626cbf1b57b7b48a1c6fdd0f746b878

Request headers

Referer: https://connect.mandiant.com/
Origin: https://connect.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: cache
Date: Fri, 22 Apr 2022 15:16:16 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: close
X-Robots-Tag: noindex
Expires: Sat, 23 Apr 2022 11:16:16 GMT

GET
H2 200 dataEnrichment-3877540f82aea5e4985d.js Show response
cdn.folloze.com/assets/ 113 KB
39 KB 180ms
44ms Script
application/javascript 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.folloze.com/assets/dataEnrichment-3877540f82aea5e4985d.js

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

10f0a4e08c91b1a420e978f37877d9bc2db3db3d1e60d00635f325b2bd9deeeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://connect.mandiant.com/
Origin: https://connect.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 18 Apr 2022 10:32:26 GMT
date: Fri, 22 Apr 2022 15:16:16 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
content-length: 39544

GET
H2 200 liveboard-vendor-0de57cda204f70aed7b7.js Show response
cdn.folloze.com/assets/ 2 MB
510 KB 163ms
27ms Script
application/javascript 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.folloze.com/assets/liveboard-vendor-0de57cda204f70aed7b7.js

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fc5ed7beae7dfc9edeefb2b9dc5acc2e4bf36b97f1d69c4783088eb03be33053

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://connect.mandiant.com/
Origin: https://connect.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 18 Apr 2022 10:32:26 GMT
date: Fri, 22 Apr 2022 15:16:16 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
content-length: 520740

GET
H2 200 liveBoard-16fe47f033c69693803f.js Show response
cdn.folloze.com/assets/ 220 KB
55 KB 156ms
20ms Script
application/javascript 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.folloze.com/assets/liveBoard-16fe47f033c69693803f.js

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d6efc9d998ed1de49dcb13acc56351087d0b1ff8836d84f163e6a22c65cf15dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://connect.mandiant.com/
Origin: https://connect.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 12:34:25 GMT
date: Fri, 22 Apr 2022 15:16:16 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
content-length: 56301

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 27 KB
9 KB 31ms
7ms Script
application/javascript 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

2707e48726a3f7ec48a1d1aec9738f20b36bac1535cfa9de2e4d92310c4e7e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 15:16:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 8575
Pragma: no-cache
Last-Modified: Thu, 07 Oct 2021 17:17:43 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615f2bb7-6a5f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Fri, 22 Apr 2022 15:16:16 GMT

GET
H2 200 loop.bundle.js Show response
v2.listenloop.com/ 191 KB
67 KB 62ms
28ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.listenloop.com/loop.bundle.js
Requested by: Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63d12fca9fae33bfc7f1483b2a04fdb4e7c55f0563c6a44acefd81b86392b5bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4251
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: K188JDY4DYN5F4DS
x-amz-id-2: 1pdZV6wRIv4GJRJJByLzQuuuAUZADX3MVeUy6wLw2B/AxhaUez4fwlYhk4Ll22m9A6CRarANoMo=
last-modified: Tue, 19 Apr 2022 15:45:41 GMT
server: cloudflare
etag: W/"c1f80e0ee7637c353056b4039f814e6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdMwxMHnI5sfhQh5IREpJfibOAM7nK1hvhJEC6bEfdbgpRbu%2Fqb97hLcVqLrzsRYLDKxbpA%2FTiY5cge92rD5nPTfxmuGEB5jITINUB8gjVPLe5fwExgcpZ%2FFjIhrQHkEYTH9fZDmPGlhjk3yqogXRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 6fff51d37d439124-FRA

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 49ms
14ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 08:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 08:51:03 GMT

GET
H2 200 css
fonts.googleapis.com/ 20 KB
2 KB 58ms
24ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,700%7COpen+Sans:300,400,500,700

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe736b2a325b166094d1764188fe05898710458b2ec52c158d11a149005a2118

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 15:10:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Apr 2022 15:16:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Apr 2022 15:16:16 GMT

GET
H2 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 74ms
38ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,700%7COpen+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22482584aeaa7b1d74de072793246c65e38b402ac231f38bb0d9102802543230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 08:04:00 GMT
x-content-type-options: nosniff
age: 285136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15712
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 19 Apr 2023 08:04:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 50ms
15ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,700%7COpen+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 163064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Apr 2023 17:58:32 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 54ms
19ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,700%7COpen+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 01:46:21 GMT
x-content-type-options: nosniff
age: 48595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 01:46:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 64ms
29ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,700%7COpen+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 14:02:01 GMT
x-content-type-options: nosniff
age: 263655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 19 Apr 2023 14:02:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 68ms
34ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,700%7COpen+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 163197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Apr 2023 17:56:19 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 76ms
41ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,700%7COpen+Sans:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://connect.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 232269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:45:07 GMT

GET
H/1.1 200
OK me Show response
abm2.listenloop.com/api/v1/public/organizations/ 574 B
1 KB 478ms
101ms XHR
application/json 54.88.152.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://abm2.listenloop.com/api/v1/public/organizations/me?public_key=MRxJc5qdz5T-wKxBNsh4
Requested by: Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.152.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-152-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 56bf97572cc7de5a19131a062e5e0e64ffa38dc71e87cdfa7c0e481e15f2d628

Request headers

Accept: */*
Referer: https://connect.mandiant.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

X-Runtime: 0.005694
Date: Fri, 22 Apr 2022 15:16:17 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"7523f541f6f1673fee45aa609ccabba1"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,DELETE,PUT,PATCH,OPTIONS,HEAD
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://connect.mandiant.com
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Access-Control-Request-Headers,X-User-Token,X-User-email,content-type,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Authorization
Content-Length: 361
X-Request-Id: 7b176ac6-cfb7-4b01-b105-e0b22d55ffe4

POST
H/1.1 200
OK retargeting_segments Show response
abm2.listenloop.com/api/v1/public/ 27 B
773 B 482ms
102ms XHR
application/json 54.88.152.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://abm2.listenloop.com/api/v1/public/retargeting_segments
Requested by: Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.152.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-152-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1cddcd88d3332d560856627ab2cecc7d9aa6c9d616729701ae13902d1671d0b0

Request headers

Accept: */*
Referer: https://connect.mandiant.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

X-Runtime: 0.005398
Date: Fri, 22 Apr 2022 15:16:17 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"755ff2ee4951270e22150955ac9319c5"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,DELETE,PUT,PATCH,OPTIONS,HEAD
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://connect.mandiant.com
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Access-Control-Request-Headers,X-User-Token,X-User-email,content-type,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Authorization
Content-Length: 53
X-Request-Id: 2b114881-f2c6-4f80-80f3-ce99727f866c

GET
H2 200 66-4d71b712f6bdb9e32f15.css
cdn.folloze.com/assets/ 309 KB
50 KB 45ms
24ms Stylesheet
text/css 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.folloze.com/assets/66-4d71b712f6bdb9e32f15.css

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

79a4602aac4ffd6534295c008c3ba1de604231ce9294a4e22b947ed4a01be2d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 12:34:25 GMT
date: Fri, 22 Apr 2022 15:16:17 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
content-length: 51265

GET
H2 200 [request]-e311d2142b69031f9d9f.js Show response
cdn.folloze.com/assets/LiveBoard/ 355 KB
77 KB 63ms
42ms Script
application/javascript 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.folloze.com/assets/LiveBoard/[request]-e311d2142b69031f9d9f.js

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c52e2cf296b4eeef0eead53ae9024c5f28a19e5bc7b327044f7b68a6af4869a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 12:34:26 GMT
date: Fri, 22 Apr 2022 15:16:17 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
content-length: 78554

GET
H2 200 icomoon-7983d63146c90b1dc71cc26b125298a9.ttf
cdn.folloze.com/assets/fonts/ 62 KB
36 KB 21ms
21ms Font
application/octet-stream 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.folloze.com/assets/fonts/icomoon-7983d63146c90b1dc71cc26b125298a9.ttf

Requested by

Host: cdn.folloze.com
URL: https://cdn.folloze.com/assets/liveBoard-940afc58e7fe93a5dbe0.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b7c27cb4ececef7870a3883efefe00d6c0d5c6d8fd448f65c0f22b748690744e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://cdn.folloze.com/assets/liveBoard-940afc58e7fe93a5dbe0.css
Origin: https://connect.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 03 Apr 2022 09:52:26 GMT
date: Fri, 22 Apr 2022 15:16:17 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=86400
content-length: 36693

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=listenloop&segment_key=listenloop-11912&value=
https://segment.prod.bidr.io/associate-segment?buzz_key=listenloop&segment_key=listenloop-11912&value=&_bee_ppp=1

43 B
793 B

33ms
33ms

Image
image/gif

52.19.155.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=listenloop&segment_key=listenloop-11912&value=&_bee_ppp=1

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

HTTP/1.1

Server

52.19.155.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-155-47.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 22 Apr 2022 15:16:17 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=listenloop&segment_key=listenloop-11912&value=&_bee_ppp=1
Date: Fri, 22 Apr 2022 15:16:17 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 items_presence Show response
connect.mandiant.com/live_board/v2/boards/128943/ 18 B
620 B 480ms
480ms XHR
application/json 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mandiant.com/live_board/v2/boards/128943/items_presence

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cowboy /

Resource Hash

b9446bebca721873c0f9260e975ff449fb9ad6909d18ac3b51ab032abf6132b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UA4DV1RSGwQIXVVSBgAC
X-CSRF-Token: sncjtezIuNNYQGKUxMm3A+R0xBZRIZQCp5PeeFv1K7QToNOtmH2CHW3N7rYNyzmK7ocPstp0XMqgl/pCyLbu/g==
accept-language: de-DE,de;q=0.9
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJsZWFkX2lkIjoyMzk4NTYwMywiYm9hcmRfaWQiOjEyODk0M30.0Z8kx2OL8Aocq-Rmr3Atb9fjlmKHQ7xbK7Eb8IIE6ZMxXoU5jCHDmSmXVoJ4On7e341vEA13rJOUqX5JHdhJgJ_CVCL6WoI3FjskPh3R3UrmJRlE_wGejzcfcLDvMJD68kDY-Ay_VTIu3oiQCEu4H68J6uduQgTIrkWKAZ43JUycRfYm6Ls2DJWSFElJSi_L9ne-MLUcM8TiNjPkzDfPfwwF2Q9sAWwwxUdeuzJeN-f1nPpYk5xrsl6Q39hEFhck8cqy04yEUwZa2JC-Li0sOjsObngK3dNPnx2GYM1QmI7D75O8VC1Q3nP1fCGIckYUzRbMrcI7ZgshquPrw8z6_A
Accept: application/json, text/plain, */*
Referer: https://connect.mandiant.com/sled
X-Requested-With: XMLHttpRequest
folloze-session-guid: 225ff1ce-0431-4f38-971d-608e71dd961c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
content-length: 44
x-xss-protection: 1; mode=block
x-request-id: 1065c80a-f774-442a-9d3c-577590cbef72
x-runtime: 0.118495
x-newrelic-app-data: PxQDWVJVCgITU1lbAwEGV1ETGhEhCQ0WQg1UDl1KG15aE1w+Uw5SEAAZQVNJAVdSQgA+C0NUWhU7QURWEQMNAVURFxFQV0MQH1UXUQFRAVRUDgRQSlMWAgJUUFMFAA9WUwEPC1FeW1UcTwlOGgwEVwEECVhSWQQHBQ8FV1FBFFVRCBIHag==
server: Cowboy
x-frame-options: SAMEORIGIN
etag: W/"d1d431d985efdc64dd21353825a4ec76"
x-download-options: noopen
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
expires: Fri, 22 Apr 2022 15:16:17 GMT

GET
H2 200 presenter Show response
connect.mandiant.com/live_board/v1/boards/128943/ 291 B
802 B 451ms
450ms XHR
application/json 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mandiant.com/live_board/v1/boards/128943/presenter

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cowboy /

Resource Hash

25b66e1a79c86b237ebdaaff35ca70f2f6c5afd5f0a873913797621900bc6c3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UA4DV1RSGwQIXVVSBgAC
X-CSRF-Token: sncjtezIuNNYQGKUxMm3A+R0xBZRIZQCp5PeeFv1K7QToNOtmH2CHW3N7rYNyzmK7ocPstp0XMqgl/pCyLbu/g==
accept-language: de-DE,de;q=0.9
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJsZWFkX2lkIjoyMzk4NTYwMywiYm9hcmRfaWQiOjEyODk0M30.0Z8kx2OL8Aocq-Rmr3Atb9fjlmKHQ7xbK7Eb8IIE6ZMxXoU5jCHDmSmXVoJ4On7e341vEA13rJOUqX5JHdhJgJ_CVCL6WoI3FjskPh3R3UrmJRlE_wGejzcfcLDvMJD68kDY-Ay_VTIu3oiQCEu4H68J6uduQgTIrkWKAZ43JUycRfYm6Ls2DJWSFElJSi_L9ne-MLUcM8TiNjPkzDfPfwwF2Q9sAWwwxUdeuzJeN-f1nPpYk5xrsl6Q39hEFhck8cqy04yEUwZa2JC-Li0sOjsObngK3dNPnx2GYM1QmI7D75O8VC1Q3nP1fCGIckYUzRbMrcI7ZgshquPrw8z6_A
Accept: application/json, text/plain, */*
Referer: https://connect.mandiant.com/sled
X-Requested-With: XMLHttpRequest
folloze-session-guid: 225ff1ce-0431-4f38-971d-608e71dd961c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
content-length: 229
x-xss-protection: 1; mode=block
x-request-id: 1d3c56b8-713a-4aa6-b68a-0981106550ec
x-runtime: 0.088707
x-newrelic-app-data: PxQDWVJVCgITU1lbAwEGV1ETGhEhCQ0WQg1UDl1KG15aE1w+Uw5SEAAZQVBJE0pWQwEPFlJDREkXWVlEQEpTTABSCVAMCwQAAlILVANQClVWAAJNVk0ICgBWWFsEBwBfVAUABVFWWk4dUxRADwhRVlFTWgQJAwZRVVQDBURPXlJcFwQ/
server: Cowboy
x-frame-options: SAMEORIGIN
etag: W/"39a81a9bf0c7f544852b26c1dcac9f83"
x-download-options: noopen
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
expires: Fri, 22 Apr 2022 15:16:17 GMT

GET
H2 200 3185 Show response
connect.mandiant.com/live_board/v2/campaign_elements/ 360 B
842 B 392ms
392ms XHR
application/json 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mandiant.com/live_board/v2/campaign_elements/3185?board_id=128943&element_type=2

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cowboy /

Resource Hash

1ff6f7652cf237cca0cecd366272354339e20249b61bb86195f7e9b9162f8b29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UA4DV1RSGwQIXVVSBgAC
X-CSRF-Token: sncjtezIuNNYQGKUxMm3A+R0xBZRIZQCp5PeeFv1K7QToNOtmH2CHW3N7rYNyzmK7ocPstp0XMqgl/pCyLbu/g==
accept-language: de-DE,de;q=0.9
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJsZWFkX2lkIjoyMzk4NTYwMywiYm9hcmRfaWQiOjEyODk0M30.0Z8kx2OL8Aocq-Rmr3Atb9fjlmKHQ7xbK7Eb8IIE6ZMxXoU5jCHDmSmXVoJ4On7e341vEA13rJOUqX5JHdhJgJ_CVCL6WoI3FjskPh3R3UrmJRlE_wGejzcfcLDvMJD68kDY-Ay_VTIu3oiQCEu4H68J6uduQgTIrkWKAZ43JUycRfYm6Ls2DJWSFElJSi_L9ne-MLUcM8TiNjPkzDfPfwwF2Q9sAWwwxUdeuzJeN-f1nPpYk5xrsl6Q39hEFhck8cqy04yEUwZa2JC-Li0sOjsObngK3dNPnx2GYM1QmI7D75O8VC1Q3nP1fCGIckYUzRbMrcI7ZgshquPrw8z6_A
Accept: application/json, text/plain, */*
Referer: https://connect.mandiant.com/sled
X-Requested-With: XMLHttpRequest
folloze-session-guid: 225ff1ce-0431-4f38-971d-608e71dd961c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
content-length: 261
x-xss-protection: 1; mode=block
x-request-id: 83f8deba-fa62-441a-94f9-00719f1dc734
x-runtime: 0.027896
x-newrelic-app-data: PxQDWVJVCgITU1lbAwEGV1ETGhEhCQ0WQg1UDl1KG15aE1w+Uw5SEAAZQVNJAFleQAUIBVluUgoBXFNdFhVMEVgNT0AUCBoCA1YPVQlWBFBWBgNVUFQPBANWTVIZAQVfUwAHClRXVFYGUAlXAAoYHwJJGwACAwpaUwIOUlNXClVTUgJAG1dWChdUaw==
server: Cowboy
x-frame-options: SAMEORIGIN
etag: W/"205e50cf883e053e2cd29e4da3564184"
x-download-options: noopen
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
expires: Fri, 22 Apr 2022 15:16:17 GMT

POST
H2 200 session_validations Show response
connect.mandiant.com/live_board/v1/ 0
569 B 392ms
392ms XHR
application/json 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mandiant.com/live_board/v1/session_validations

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cowboy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UA4DV1RSGwQIXVVSBgAC
X-CSRF-Token: sncjtezIuNNYQGKUxMm3A+R0xBZRIZQCp5PeeFv1K7QToNOtmH2CHW3N7rYNyzmK7ocPstp0XMqgl/pCyLbu/g==
accept-language: de-DE,de;q=0.9
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJsZWFkX2lkIjoyMzk4NTYwMywiYm9hcmRfaWQiOjEyODk0M30.0Z8kx2OL8Aocq-Rmr3Atb9fjlmKHQ7xbK7Eb8IIE6ZMxXoU5jCHDmSmXVoJ4On7e341vEA13rJOUqX5JHdhJgJ_CVCL6WoI3FjskPh3R3UrmJRlE_wGejzcfcLDvMJD68kDY-Ay_VTIu3oiQCEu4H68J6uduQgTIrkWKAZ43JUycRfYm6Ls2DJWSFElJSi_L9ne-MLUcM8TiNjPkzDfPfwwF2Q9sAWwwxUdeuzJeN-f1nPpYk5xrsl6Q39hEFhck8cqy04yEUwZa2JC-Li0sOjsObngK3dNPnx2GYM1QmI7D75O8VC1Q3nP1fCGIckYUzRbMrcI7ZgshquPrw8z6_A
Accept: application/json, text/plain, */*
Referer: https://connect.mandiant.com/sled
X-Requested-With: XMLHttpRequest
folloze-session-guid: 225ff1ce-0431-4f38-971d-608e71dd961c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
content-length: 25
x-xss-protection: 1; mode=block
x-request-id: 818b21e2-4d0b-4f66-90d1-9df191208376
x-runtime: 0.028937
x-newrelic-app-data: PxQDWVJVCgITU1lbAwEGV1ETGhEhCQ0WQg1UDl1KG15aE1w+Uw5SEAAZQVBJEF1AQw0ODGhHVgoNVVdHCwkNER8BSgdZTFEQH1IXWABTClRcBQBQU1sKAwNVBE8HBBtWSgEFA1ZQVFsIVQhUCA0ABAtSDE0cUB9AXFIFB1JTDwMGBVRWDgRVVUYdUFIOFQY/
server: Cowboy
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding, Origin
content-type: application/json
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
expires: Fri, 22 Apr 2022 15:16:17 GMT

GET
H/1.1 200
OK udid.json Show response
fn.us.ipsec.folloze.com/udid/ 20 B
298 B 348ms
111ms XHR
application/json 192.158.224.59
TIER-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://fn.us.ipsec.folloze.com/udid/udid.json
Requested by: Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.158.224.59 Charlotte, United States, ASN397423 (TIER-NET, US),
Reverse DNS: intimeclick.com
Software: /
Resource Hash: c667ee514f7a7e676bf1c78bf95308ef1c90a20f258278deae37872f9407438b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 15:16:17 GMT
Last-Modified: Fri, 22 Apr 2022 11:16:17 GMT
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: close
Content-Length: 20
Expires: Sat, 22 Apr 2023 11:16:17 GMT

GET
H2 200 geo_location Show response
connect.mandiant.com/live_board/v1/ 96 B
675 B 380ms
379ms XHR
application/json 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mandiant.com/live_board/v1/geo_location

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cowboy /

Resource Hash

f39a56d86e98fa60dbf431c53823e713ff21b2ce2af59890aa49c6ba33ed1190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UA4DV1RSGwQIXVVSBgAC
X-CSRF-Token: sncjtezIuNNYQGKUxMm3A+R0xBZRIZQCp5PeeFv1K7QToNOtmH2CHW3N7rYNyzmK7ocPstp0XMqgl/pCyLbu/g==
accept-language: de-DE,de;q=0.9
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJsZWFkX2lkIjoyMzk4NTYwMywiYm9hcmRfaWQiOjEyODk0M30.0Z8kx2OL8Aocq-Rmr3Atb9fjlmKHQ7xbK7Eb8IIE6ZMxXoU5jCHDmSmXVoJ4On7e341vEA13rJOUqX5JHdhJgJ_CVCL6WoI3FjskPh3R3UrmJRlE_wGejzcfcLDvMJD68kDY-Ay_VTIu3oiQCEu4H68J6uduQgTIrkWKAZ43JUycRfYm6Ls2DJWSFElJSi_L9ne-MLUcM8TiNjPkzDfPfwwF2Q9sAWwwxUdeuzJeN-f1nPpYk5xrsl6Q39hEFhck8cqy04yEUwZa2JC-Li0sOjsObngK3dNPnx2GYM1QmI7D75O8VC1Q3nP1fCGIckYUzRbMrcI7ZgshquPrw8z6_A
Accept: application/json, text/plain, */*
Referer: https://connect.mandiant.com/sled
X-Requested-With: XMLHttpRequest
folloze-session-guid: 225ff1ce-0431-4f38-971d-608e71dd961c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
content-length: 99
x-xss-protection: 1; mode=block
x-request-id: 867f772a-1b25-4664-8d0d-a448d290e8d7
x-runtime: 0.021672
x-newrelic-app-data: PxQDWVJVCgITU1lbAwEGV1ETGhEhCQ0WQg1UDl1KG15aE1w+Uw5SEAAZQVBJBF1cbwgOAVZFXgkKQhlACgkUQBxSFlIIDgcGAlYPUABQAlpVAANRUE8IHQBWUlMPBwFeVwcDB1VeVlMFVBRPCRQWCgRQD1IDV1ZXXARRVF5aDREcAgAORFRq
server: Cowboy
x-frame-options: SAMEORIGIN
etag: W/"9f63fe0f15b508254aba89dd8f737c53"
x-download-options: noopen
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
expires: Fri, 22 Apr 2022 15:16:18 GMT

POST
H2 200 lead_views Show response
connect.mandiant.com/live_board/v2/boards/128943/ 0
566 B 402ms
402ms XHR
application/json 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mandiant.com/live_board/v2/boards/128943/lead_views

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cowboy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UA4DV1RSGwQIXVVSBgAC
X-CSRF-Token: sncjtezIuNNYQGKUxMm3A+R0xBZRIZQCp5PeeFv1K7QToNOtmH2CHW3N7rYNyzmK7ocPstp0XMqgl/pCyLbu/g==
accept-language: de-DE,de;q=0.9
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJsZWFkX2lkIjoyMzk4NTYwMywiYm9hcmRfaWQiOjEyODk0M30.0Z8kx2OL8Aocq-Rmr3Atb9fjlmKHQ7xbK7Eb8IIE6ZMxXoU5jCHDmSmXVoJ4On7e341vEA13rJOUqX5JHdhJgJ_CVCL6WoI3FjskPh3R3UrmJRlE_wGejzcfcLDvMJD68kDY-Ay_VTIu3oiQCEu4H68J6uduQgTIrkWKAZ43JUycRfYm6Ls2DJWSFElJSi_L9ne-MLUcM8TiNjPkzDfPfwwF2Q9sAWwwxUdeuzJeN-f1nPpYk5xrsl6Q39hEFhck8cqy04yEUwZa2JC-Li0sOjsObngK3dNPnx2GYM1QmI7D75O8VC1Q3nP1fCGIckYUzRbMrcI7ZgshquPrw8z6_A
Accept: application/json, text/plain, */*
Referer: https://connect.mandiant.com/sled
X-Requested-With: XMLHttpRequest
folloze-session-guid: 225ff1ce-0431-4f38-971d-608e71dd961c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
content-length: 25
x-xss-protection: 1; mode=block
x-request-id: 4f18aaed-e217-4b02-b65f-c837e6464f64
x-runtime: 0.043523
x-newrelic-app-data: PxQDWVJVCgITU1lbAwEGV1ETGhEhCQ0WQg1UDl1KG15aE1w+Uw5SEAAZQVNJD11SVDsDDVZDUzkSWFNEEUkAEFUDTAcaFAQcA1ULWQFZBFNWBwJRV1cOBwhQUk4HHwdSUQMGBlNXVVAHUwFVCg4BBB9ICE0TWABWVAQAWVYFXVADVVdQVBMbAAVdRVY/
server: Cowboy
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding, Origin
content-type: application/json
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
expires: Fri, 22 Apr 2022 15:16:18 GMT

POST
H/1.1 200
OK pings Show response
folloze-pingy.herokuapp.com/api/v1/ 0
560 B 297ms
104ms XHR
text/html 3.209.172.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://folloze-pingy.herokuapp.com/api/v1/pings

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.209.172.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-209-172-72.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-CSRF-Token: sncjtezIuNNYQGKUxMm3A+R0xBZRIZQCp5PeeFv1K7QToNOtmH2CHW3N7rYNyzmK7ocPstp0XMqgl/pCyLbu/g==
accept-language: de-DE,de;q=0.9
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJsZWFkX2lkIjoyMzk4NTYwMywiYm9hcmRfaWQiOjEyODk0M30.0Z8kx2OL8Aocq-Rmr3Atb9fjlmKHQ7xbK7Eb8IIE6ZMxXoU5jCHDmSmXVoJ4On7e341vEA13rJOUqX5JHdhJgJ_CVCL6WoI3FjskPh3R3UrmJRlE_wGejzcfcLDvMJD68kDY-Ay_VTIu3oiQCEu4H68J6uduQgTIrkWKAZ43JUycRfYm6Ls2DJWSFElJSi_L9ne-MLUcM8TiNjPkzDfPfwwF2Q9sAWwwxUdeuzJeN-f1nPpYk5xrsl6Q39hEFhck8cqy04yEUwZa2JC-Li0sOjsObngK3dNPnx2GYM1QmI7D75O8VC1Q3nP1fCGIckYUzRbMrcI7ZgshquPrw8z6_A
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://connect.mandiant.com/
X-Requested-With: XMLHttpRequest
folloze-session-guid: 225ff1ce-0431-4f38-971d-608e71dd961c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

X-Rack-Cors: hit
Date: Fri, 22 Apr 2022 15:16:18 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
Connection: close
Vary: Origin
X-Xss-Protection: 1; mode=block
X-Request-Id: 66e8614c-0c5e-4773-b2d5-9e9552dd839e
X-Runtime: 0.003816
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Access-Control-Max-Age: 0
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, HEAD
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://connect.mandiant.com
Access-Control-Expose-Headers
Cache-Control: no-cache

GET
H2 200 categories Show response
connect.mandiant.com/live_board/v2/boards/128943/ 4 KB
1 KB 484ms
484ms XHR
application/json 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mandiant.com/live_board/v2/boards/128943/categories

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cowboy /

Resource Hash

2f77b164c0d08c7067c8bb6d81e73db6eb7979be1e0f8ca19dff44200f00084f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UA4DV1RSGwQIXVVSBgAC
X-CSRF-Token: sncjtezIuNNYQGKUxMm3A+R0xBZRIZQCp5PeeFv1K7QToNOtmH2CHW3N7rYNyzmK7ocPstp0XMqgl/pCyLbu/g==
accept-language: de-DE,de;q=0.9
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJsZWFkX2lkIjoyMzk4NTYwMywiYm9hcmRfaWQiOjEyODk0M30.0Z8kx2OL8Aocq-Rmr3Atb9fjlmKHQ7xbK7Eb8IIE6ZMxXoU5jCHDmSmXVoJ4On7e341vEA13rJOUqX5JHdhJgJ_CVCL6WoI3FjskPh3R3UrmJRlE_wGejzcfcLDvMJD68kDY-Ay_VTIu3oiQCEu4H68J6uduQgTIrkWKAZ43JUycRfYm6Ls2DJWSFElJSi_L9ne-MLUcM8TiNjPkzDfPfwwF2Q9sAWwwxUdeuzJeN-f1nPpYk5xrsl6Q39hEFhck8cqy04yEUwZa2JC-Li0sOjsObngK3dNPnx2GYM1QmI7D75O8VC1Q3nP1fCGIckYUzRbMrcI7ZgshquPrw8z6_A
Accept: application/json, text/plain, */*
Referer: https://connect.mandiant.com/sled
X-Requested-With: XMLHttpRequest
folloze-session-guid: 225ff1ce-0431-4f38-971d-608e71dd961c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
content-length: 752
x-xss-protection: 1; mode=block
x-request-id: e106940f-1291-46af-ace8-2cf0d74ff3b2
x-runtime: 0.124447
x-newrelic-app-data: PxQDWVJVCgITU1lbAwEGV1ETGhEhCQ0WQg1UDl1KG15aE1w+Uw5SEAAZQVNJAFlHVQMOEF5UREkNX1JWGkRPUh5SCFIBAAMLAlcOVQBTAlJdBQBUSlMWAgJSVVcBAQVUVgcEBlVVUVYcTwlOGl4EBAYBAFUJAgdUVQNTU1ZBFFVRCBIHag==
server: Cowboy
x-frame-options: SAMEORIGIN
etag: W/"0982228c3f50496ea66e65a19755afb0"
x-download-options: noopen
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
expires: Fri, 22 Apr 2022 15:16:18 GMT

GET
H2 200 873676 Show response
connect.mandiant.com/live_board/v2/items/ 847 B
1 KB 407ms
407ms XHR
application/json 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mandiant.com/live_board/v2/items/873676

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cowboy /

Resource Hash

d790a98e11dd2f3e44496ac190929f9c59cec776b029c0fd2b6ac4a93c0b8c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UA4DV1RSGwQIXVVSBgAC
X-CSRF-Token: sncjtezIuNNYQGKUxMm3A+R0xBZRIZQCp5PeeFv1K7QToNOtmH2CHW3N7rYNyzmK7ocPstp0XMqgl/pCyLbu/g==
accept-language: de-DE,de;q=0.9
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJsZWFkX2lkIjoyMzk4NTYwMywiYm9hcmRfaWQiOjEyODk0M30.0Z8kx2OL8Aocq-Rmr3Atb9fjlmKHQ7xbK7Eb8IIE6ZMxXoU5jCHDmSmXVoJ4On7e341vEA13rJOUqX5JHdhJgJ_CVCL6WoI3FjskPh3R3UrmJRlE_wGejzcfcLDvMJD68kDY-Ay_VTIu3oiQCEu4H68J6uduQgTIrkWKAZ43JUycRfYm6Ls2DJWSFElJSi_L9ne-MLUcM8TiNjPkzDfPfwwF2Q9sAWwwxUdeuzJeN-f1nPpYk5xrsl6Q39hEFhck8cqy04yEUwZa2JC-Li0sOjsObngK3dNPnx2GYM1QmI7D75O8VC1Q3nP1fCGIckYUzRbMrcI7ZgshquPrw8z6_A
Accept: application/json, text/plain, */*
Referer: https://connect.mandiant.com/sled
X-Requested-With: XMLHttpRequest
folloze-session-guid: 225ff1ce-0431-4f38-971d-608e71dd961c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
content-length: 553
x-xss-protection: 1; mode=block
x-request-id: 46828a7c-dec3-44a5-b4aa-a7334ebfb13f
x-runtime: 0.047221
x-newrelic-app-data: PxQDWVJVCgITU1lbAwEGV1ETGhEhCQ0WQg1UDl1KG15aE1w+Uw5SEAAZQVNJCkxWXRdOC0NUWhVLQl5cFURPUh5SCFIJDAAKBFMVUR9RB1pSBgRTX1UKBAldUVUFAhtLVR0UAVdTUVYFA1taWQxQUFFXWkMdB1IOF1Nq
server: Cowboy
x-frame-options: SAMEORIGIN
etag: W/"5203def30b7347096a93345006e33d02"
x-download-options: noopen
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
expires: Fri, 22 Apr 2022 15:16:18 GMT

GET
H2 200 873676 Show response
connect.mandiant.com/live_board/v2/items/ 847 B
1 KB 461ms
460ms XHR
application/json 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mandiant.com/live_board/v2/items/873676

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cowboy /

Resource Hash

d790a98e11dd2f3e44496ac190929f9c59cec776b029c0fd2b6ac4a93c0b8c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UA4DV1RSGwQIXVVSBgAC
X-CSRF-Token: sncjtezIuNNYQGKUxMm3A+R0xBZRIZQCp5PeeFv1K7QToNOtmH2CHW3N7rYNyzmK7ocPstp0XMqgl/pCyLbu/g==
accept-language: de-DE,de;q=0.9
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJsZWFkX2lkIjoyMzk4NTYwMywiYm9hcmRfaWQiOjEyODk0M30.0Z8kx2OL8Aocq-Rmr3Atb9fjlmKHQ7xbK7Eb8IIE6ZMxXoU5jCHDmSmXVoJ4On7e341vEA13rJOUqX5JHdhJgJ_CVCL6WoI3FjskPh3R3UrmJRlE_wGejzcfcLDvMJD68kDY-Ay_VTIu3oiQCEu4H68J6uduQgTIrkWKAZ43JUycRfYm6Ls2DJWSFElJSi_L9ne-MLUcM8TiNjPkzDfPfwwF2Q9sAWwwxUdeuzJeN-f1nPpYk5xrsl6Q39hEFhck8cqy04yEUwZa2JC-Li0sOjsObngK3dNPnx2GYM1QmI7D75O8VC1Q3nP1fCGIckYUzRbMrcI7ZgshquPrw8z6_A
Accept: application/json, text/plain, */*
Referer: https://connect.mandiant.com/sled
X-Requested-With: XMLHttpRequest
folloze-session-guid: 225ff1ce-0431-4f38-971d-608e71dd961c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
content-length: 553
x-xss-protection: 1; mode=block
x-request-id: 3b6e61b9-3a5a-4546-944c-023e1cf38248
x-runtime: 0.095589
x-newrelic-app-data: PxQDWVJVCgITU1lbAwEGV1ETGhEhCQ0WQg1UDl1KG15aE1w+Uw5SEAAZQVNJCkxWXRdOC0NUWhVLQl5cFURPUh5SCFIJDQwFA1EVUR9RClVWBQJTVlEPCwlXUVQBBRtLVR0UAQQHUFUDVV5UXQkHClddXUMdB1IOF1Nq
server: Cowboy
x-frame-options: SAMEORIGIN
etag: W/"5203def30b7347096a93345006e33d02"
x-download-options: noopen
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
expires: Fri, 22 Apr 2022 15:16:18 GMT

GET
H2 200 categories Show response
connect.mandiant.com/live_board/v2/boards/128943/ 4 KB
1 KB 503ms
503ms XHR
application/json 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mandiant.com/live_board/v2/boards/128943/categories

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cowboy /

Resource Hash

2f77b164c0d08c7067c8bb6d81e73db6eb7979be1e0f8ca19dff44200f00084f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UA4DV1RSGwQIXVVSBgAC
X-CSRF-Token: sncjtezIuNNYQGKUxMm3A+R0xBZRIZQCp5PeeFv1K7QToNOtmH2CHW3N7rYNyzmK7ocPstp0XMqgl/pCyLbu/g==
accept-language: de-DE,de;q=0.9
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJsZWFkX2lkIjoyMzk4NTYwMywiYm9hcmRfaWQiOjEyODk0M30.0Z8kx2OL8Aocq-Rmr3Atb9fjlmKHQ7xbK7Eb8IIE6ZMxXoU5jCHDmSmXVoJ4On7e341vEA13rJOUqX5JHdhJgJ_CVCL6WoI3FjskPh3R3UrmJRlE_wGejzcfcLDvMJD68kDY-Ay_VTIu3oiQCEu4H68J6uduQgTIrkWKAZ43JUycRfYm6Ls2DJWSFElJSi_L9ne-MLUcM8TiNjPkzDfPfwwF2Q9sAWwwxUdeuzJeN-f1nPpYk5xrsl6Q39hEFhck8cqy04yEUwZa2JC-Li0sOjsObngK3dNPnx2GYM1QmI7D75O8VC1Q3nP1fCGIckYUzRbMrcI7ZgshquPrw8z6_A
Accept: application/json, text/plain, */*
Referer: https://connect.mandiant.com/sled
X-Requested-With: XMLHttpRequest
folloze-session-guid: 225ff1ce-0431-4f38-971d-608e71dd961c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
content-length: 752
x-xss-protection: 1; mode=block
x-request-id: cdf4a29a-b686-49b5-b3d8-6083049931c8
x-runtime: 0.135960
x-newrelic-app-data: PxQDWVJVCgITU1lbAwEGV1ETGhEhCQ0WQg1UDl1KG15aE1w+Uw5SEAAZQVNJAFlHVQMOEF5UREkNX1JWGkRPUh5SCFMPCwYAC1cLVAlWC1tUAAVXSlMWAgNTWVMOBAVeUQYPBFNXWlMcTwlOGlkDBgFQCgIJBAdVUwAAVQRBFFVRCBIHag==
server: Cowboy
x-frame-options: SAMEORIGIN
etag: W/"0982228c3f50496ea66e65a19755afb0"
x-download-options: noopen
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
expires: Fri, 22 Apr 2022 15:16:18 GMT

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
700 B 353ms
19ms XHR
application/json 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Apr 2022 15:16:18 GMT
X-Proxy-Origin: 37.58.57.1; 37.58.57.1; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: dd5e60f0-1865-4a2b-8c01-a78e36e05499
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://connect.mandiant.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
376 B 339ms
9ms XHR
text/plain 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-137-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 924673bdd3c8a7a72a903ea2aa164cd6eff154ed4c1e1194370edabec4fb3beb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 15:16:18 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://connect.mandiant.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ 49 KB
18 KB 340ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by: Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding: gzip
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-request-id: 74D0PMFHP7WP50DN
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 18216
x-amz-id-2: HMfk0ASGr8lwHT+12p+1gWOnum+QLURCxWa/e5kA1dl6ehiLxaCeTY5+stCcO/KIxcTCSOsodXs=
x-served-by: cache-fra19150-FRA
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1650640578.220099,VS0,VE0
date: Fri, 22 Apr 2022 15:16:18 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 230

GET
H2 200 ohoc4gnzfa7c31ne9sil.svg
images.folloze.com/image/upload/v1646680187/ 2 KB
1 KB 506ms
183ms Image
image/svg+xml 2a04:4e42:200::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.folloze.com/image/upload/v1646680187/ohoc4gnzfa7c31ne9sil.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

7b41cc6d77b0bfd50a0a3f86c2c2cd76369600451e503a05eb1722c2d60c25e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:18 GMT
content-encoding: br
x-content-type-options: nosniff
content-disposition: attachment; filename="ohoc4gnzfa7c31ne9sil.svg"
server-timing: fastly;dur=176;cpu=1;start=2022-04-22T15:16:18.220Z;desc=miss,rtt;dur=6,cloudinary;dur=80;start=2022-04-22T15:16:18.270Z
vary: Accept-Encoding
content-length: 868
last-modified: Mon, 07 Mar 2022 19:09:50 GMT
server: Cloudinary
etag: W/"34a7116d408a67ceb42ce545fc1351a1"
strict-transport-security: max-age=604800
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 yylekjgwjuue9myzllx0.jpg
images.folloze.com/image/upload/c_fill,f_auto,q_auto:sensitive/v1646680154/ 76 KB
76 KB 522ms
199ms Image
image/webp 2a04:4e42:200::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.folloze.com/image/upload/c_fill,f_auto,q_auto:sensitive/v1646680154/yylekjgwjuue9myzllx0.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

3b656888f5dc52d9ca59310ec6c56e06c6c2fcdf9471e6e8d1712d31e71c1a96

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:18 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="yylekjgwjuue9myzllx0.webp"
server-timing: fastly;dur=192;cpu=0;start=2022-04-22T15:16:18.221Z;desc=miss,rtt;dur=6,cloudinary;dur=97;start=2022-04-22T15:16:18.273Z
vary: Accept,User-Agent
content-length: 77668
last-modified: Mon, 07 Mar 2022 19:09:20 GMT
server: Cloudinary
etag: "ae813f6b352dbec58e947de0d9f0c316"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 200
OK fetch Show response
fn.us.ipsec.folloze.com/api/*/FnjjOSc9hsghw9pkWf0uXP1rpDW48O8aZp46MNS4PxKjSwUnvb1q0AcDu0dTdABuCNfpumyZKYh3L3I0IVpIxwKH4vr4GZqTsCVAcxrnFPylqrwW6wL7PVgatYsYG1WeqrTMJEHHTAuOwSMSx9tOpuYcEQvJe0PXB55Pis0... 0
268 B 347ms
127ms XHR
text/html 192.158.224.59
TIER-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://fn.us.ipsec.folloze.com/api/*/FnjjOSc9hsghw9pkWf0uXP1rpDW48O8aZp46MNS4PxKjSwUnvb1q0AcDu0dTdABuCNfpumyZKYh3L3I0IVpIxwKH4vr4GZqTsCVAcxrnFPylqrwW6wL7PVgatYsYG1WeqrTMJEHHTAuOwSMSx9tOpuYcEQvJe0PXB55Pis0ifzvYcyxumKxGOrcsNP9QzjoNRZeNs3ytQfAAqwWevylIcDD5vv2rg7DcGoLGiHpokBHfw19Dg8WyhWNu1cOFc2DV/learn/fetch
Requested by: Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.158.224.59 Charlotte, United States, ASN397423 (TIER-NET, US),
Reverse DNS: intimeclick.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://connect.mandiant.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Fri, 22 Apr 2022 15:16:18 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: close
X-Robots-Tag: noindex

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 334ms
202ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=1322340356018696d853e0ac6f7ce3a2&svisitor=null&session=8dfceeb6-7a3d-4d85-8a42-249bce27fcf7&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Fri%2C%2022%20Apr%202022%2015%3A16%3A16%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Securing%20State%20and%20Local%20Governments%20%7C%20mandiant.com%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fconnect.mandiant.com%2Fsled&pageViewId=575906b9-eed2-4fd6-8f69-1bc329e23951

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 15:16:18 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

OPTIONS
H/1.1 200
OK pings
folloze-pingy.herokuapp.com/api/v1/ 0
0 541ms
101ms Preflight 3.209.172.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://folloze-pingy.herokuapp.com/api/v1/pings
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.172.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-172-72.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,folloze-session-guid,x-csrf-token,x-requested-with
Access-Control-Request-Method: POST
Origin: https://connect.mandiant.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,folloze-session-guid,x-csrf-token,x-requested-with
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, HEAD
Access-Control-Allow-Origin: https://connect.mandiant.com
Access-Control-Expose-Headers
Access-Control-Max-Age: 0
Connection: close
Date: Fri, 22 Apr 2022 15:16:18 GMT
Server: Cowboy
Via: 1.1 vegur

GET
H/1.1 200
OK 80e565cf6f Show response
bam-cell.nr-data.net/1/ 49 B
1 KB 156ms
138ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/80e565cf6f?a=78940115&v=1216.487a282&to=IFpfRUAJCA8AER1cDxVQblNdBxYHShBGURIKVm5BUwEBEEoTR1IKClY%3D&rst=3207&ck=1&ref=https://connect.mandiant.com/sled&ap=279&be=1290&fe=2861&dc=2215&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1650640575023,%22n%22:0,%22r%22:0,%22re%22:541,%22f%22:541,%22dn%22:541,%22dne%22:541,%22c%22:541,%22ce%22:541,%22rq%22:542,%22rp%22:1263,%22rpe%22:1264,%22dl%22:1265,%22di%22:2214,%22ds%22:2214,%22de%22:2215,%22dc%22:2859,%22l%22:2860,%22le%22:2861%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=2878&fcp=2878&jsonp=NREUM.setToken
Requested by: Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 15:16:18 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Connection: keep-alive
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7aG%2Bg21AC2Xt%2BtamQjNCAFv4ql6FI5BV9qbogVhvOADU3diEYA9Q5fMki%2BXAnQjFIwGeEIXnL4S3Yod08NlifnRCfdSGVXTYBLAFmfSjrNLjxNVnoM3rrKNKRapBdZrCS0tB86%2B"}],"group":"cf-nel","max_age":604800}
Content-Type: text/javascript
Access-Control-Allow-Origin: *
access-control-allow-credentials: true
CF-Ray: 6fff51de1dc19a18-FRA

POST
H2 200 session_cookies Show response
connect.mandiant.com/live_board/v1/boards/128943/ 8 B
774 B 386ms
386ms XHR
application/json 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mandiant.com/live_board/v1/boards/128943/session_cookies

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cowboy /

Resource Hash

2ed1eb5cd12a9a36fd106ab8e57361801c1ef1ded2bc41eb7cc00b1598a6352f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UA4DV1RSGwQIXVVSBgAC
X-CSRF-Token: sncjtezIuNNYQGKUxMm3A+R0xBZRIZQCp5PeeFv1K7QToNOtmH2CHW3N7rYNyzmK7ocPstp0XMqgl/pCyLbu/g==
accept-language: de-DE,de;q=0.9
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJsZWFkX2lkIjoyMzk4NTYwMywiYm9hcmRfaWQiOjEyODk0M30.0Z8kx2OL8Aocq-Rmr3Atb9fjlmKHQ7xbK7Eb8IIE6ZMxXoU5jCHDmSmXVoJ4On7e341vEA13rJOUqX5JHdhJgJ_CVCL6WoI3FjskPh3R3UrmJRlE_wGejzcfcLDvMJD68kDY-Ay_VTIu3oiQCEu4H68J6uduQgTIrkWKAZ43JUycRfYm6Ls2DJWSFElJSi_L9ne-MLUcM8TiNjPkzDfPfwwF2Q9sAWwwxUdeuzJeN-f1nPpYk5xrsl6Q39hEFhck8cqy04yEUwZa2JC-Li0sOjsObngK3dNPnx2GYM1QmI7D75O8VC1Q3nP1fCGIckYUzRbMrcI7ZgshquPrw8z6_A
Accept: application/json, text/plain, */*
Referer: https://connect.mandiant.com/sled
X-Requested-With: XMLHttpRequest
folloze-session-guid: 225ff1ce-0431-4f38-971d-608e71dd961c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
content-length: 34
x-xss-protection: 1; mode=block
x-request-id: 1e6dad96-198a-4643-a19d-6dffbc881c70
x-runtime: 0.027906
x-newrelic-app-data: PxQDWVJVCgITU1lbAwEGV1ETGhEhCQ0WQg1UDl1KG15aE1w+Uw5SEAAZQVBJEF1AQw0ODGhSWAkPWFNATQURB1EWXUAUCBoCA1QAWAlWAFdSDgFZXloOBwhSTVIZAQVfUQMDBlNeV1MHUQ1aDBQZAx9HClgDU1cAUgYDUwJbC1dUUUNOUVBbFQFs
server: Cowboy
x-frame-options: SAMEORIGIN
etag: W/"05c72a4636c529929a978b244b8908fe"
x-download-options: noopen
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
expires: Fri, 22 Apr 2022 15:16:18 GMT

GET
H2 200 b0pvdacc9gwzokrvobpl.png
images.folloze.com/image/upload/c_fill,f_auto,h_238,q_auto,w_368/ 6 KB
6 KB 192ms
192ms Image
image/webp 2a04:4e42:200::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.folloze.com/image/upload/c_fill,f_auto,h_238,q_auto,w_368/b0pvdacc9gwzokrvobpl.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

331efcb891c0aec16bcb8dc80c1cbe64e689a29544e73d18696bea4d5d4ca189

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:18 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="b0pvdacc9gwzokrvobpl.webp"
server-timing: fastly;dur=185;cpu=0;start=2022-04-22T15:16:18.302Z;desc=miss,rtt;dur=6,cloudinary;dur=90;start=2022-04-22T15:16:18.348Z
vary: Save-Data
content-length: 5864
last-modified: Tue, 19 Apr 2022 14:26:13 GMT
server: Cloudinary
etag: "26e88d109a959ab79f674c0dec94ee03"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 items Show response
connect.mandiant.com/live_board/v2/boards/128943/ 8 KB
3 KB 584ms
584ms XHR
application/json 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mandiant.com/live_board/v2/boards/128943/items

Requested by

Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cowboy /

Resource Hash

2a093870b17affd099781ef48f6656f4fbbca663206e789e108cfd189d25da86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UA4DV1RSGwQIXVVSBgAC
X-CSRF-Token: sncjtezIuNNYQGKUxMm3A+R0xBZRIZQCp5PeeFv1K7QToNOtmH2CHW3N7rYNyzmK7ocPstp0XMqgl/pCyLbu/g==
accept-language: de-DE,de;q=0.9
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJsZWFkX2lkIjoyMzk4NTYwMywiYm9hcmRfaWQiOjEyODk0M30.0Z8kx2OL8Aocq-Rmr3Atb9fjlmKHQ7xbK7Eb8IIE6ZMxXoU5jCHDmSmXVoJ4On7e341vEA13rJOUqX5JHdhJgJ_CVCL6WoI3FjskPh3R3UrmJRlE_wGejzcfcLDvMJD68kDY-Ay_VTIu3oiQCEu4H68J6uduQgTIrkWKAZ43JUycRfYm6Ls2DJWSFElJSi_L9ne-MLUcM8TiNjPkzDfPfwwF2Q9sAWwwxUdeuzJeN-f1nPpYk5xrsl6Q39hEFhck8cqy04yEUwZa2JC-Li0sOjsObngK3dNPnx2GYM1QmI7D75O8VC1Q3nP1fCGIckYUzRbMrcI7ZgshquPrw8z6_A
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://connect.mandiant.com/sled
X-Requested-With: XMLHttpRequest
folloze-session-guid: 225ff1ce-0431-4f38-971d-608e71dd961c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-protected-by: Sqreen
content-length: 2634
x-xss-protection: 1; mode=block
x-request-id: f2f93021-e7d7-4f86-91b6-78d5a0697bcf
x-runtime: 0.225688
x-newrelic-app-data: PxQDWVJVCgITU1lbAwEGV1ETGhEhCQ0WQg1UDl1KG15aE1w+Uw5SEAAZQVNJCkxWXRdOC0NUWhVLWFhXBx5BTgBMCFIIDQwBBVUPUwNRB1dcDw9VUk8IHQJWVlYHBQZXUwQOB1BUW1cCThVTFBoNBAVWC1IGVFBWBVNRBAQBGh9WBQ0RUmw=
server: Cowboy
x-frame-options: SAMEORIGIN
etag: W/"fef17ec3e0641318655b06c8a997f1e9"
x-download-options: noopen
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
expires: Fri, 22 Apr 2022 15:16:18 GMT

OPTIONS
H/1.1 204
No Content page_views
abm2.listenloop.com/api/v1/public/ 0
0 97ms
96ms Preflight 54.88.152.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://abm2.listenloop.com/api/v1/public/page_views
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.152.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-152-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://connect.mandiant.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Access-Control-Request-Headers,X-User-Token,X-User-email,content-type,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Authorization
Access-Control-Allow-Methods: GET,POST,DELETE,PUT,PATCH,OPTIONS,HEAD
Access-Control-Allow-Origin: https://connect.mandiant.com
Connection: keep-alive
Date: Fri, 22 Apr 2022 15:16:18 GMT
Server: nginx

POST page_views
abm2.listenloop.com/api/v1/public/ 0
0

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 209ms
209ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=1322340356018696d853e0ac6f7ce3a2&svisitor=cfd5ce17b65d0000c0c66262240200006efa1601&session=8dfceeb6-7a3d-4d85-8a42-249bce27fcf7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2022%20Apr%202022%2015%3A16%3A18%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2022%20Apr%202022%2015%3A16%3A16%20GMT%22%2C%22timeSpent%22%3A%222307%22%2C%22totalTimeSpent%22%3A%222307%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Securing%20State%20and%20Local%20Governments%20%7C%20mandiant.com%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fconnect.mandiant.com%2Fsled&pageViewId=575906b9-eed2-4fd6-8f69-1bc329e23951&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 15:16:19 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 unijibhg9kw6udgey6xe.png
images.folloze.com/image/upload/c_fill,f_auto,h_233,q_auto,w_348/v1646760546/ 10 KB
10 KB 196ms
195ms Image
image/webp 2a04:4e42:200::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.folloze.com/image/upload/c_fill,f_auto,h_233,q_auto,w_348/v1646760546/unijibhg9kw6udgey6xe.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

5ae8700443fc983759158a39c68464e20c41574eb4520cc9ef95fb1f4737389a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:19 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="unijibhg9kw6udgey6xe.webp"
server-timing: fastly;dur=188;cpu=0;start=2022-04-22T15:16:18.989Z;desc=miss,rtt;dur=6,cloudinary;dur=98;start=2022-04-22T15:16:19.034Z
vary: Save-Data
content-length: 10224
last-modified: Wed, 09 Mar 2022 00:18:21 GMT
server: Cloudinary
etag: "950f3c50111e8147782baed47441161f"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 e8dff0b4-3acc-4b36-9aeb-2ea89a8cf40b.jpg
images.folloze.com/image/fetch/c_fill,f_auto,h_233,q_auto,w_348/https://us02web.zoom.us/w_p/81167208290/ 6 KB
6 KB 211ms
209ms Image
image/webp 2a04:4e42:200::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.folloze.com/image/fetch/c_fill,f_auto,h_233,q_auto,w_348/https://us02web.zoom.us/w_p/81167208290/e8dff0b4-3acc-4b36-9aeb-2ea89a8cf40b.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

a19b5ddb60e0e37db84cd65b158f1e46e0c7b4eccc3665f901d8d995971f65fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:19 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="e8dff0b4-3acc-4b36-9aeb-2ea89a8cf40b.webp"
server-timing: fastly;dur=203;cpu=0;start=2022-04-22T15:16:18.990Z;desc=miss,rtt;dur=6,cloudinary;dur=110;start=2022-04-22T15:16:19.035Z
vary: Save-Data
content-length: 5850
last-modified: Wed, 09 Mar 2022 00:18:21 GMT
server: Cloudinary
etag: "0b722d809fe5df4936df6cb7b3ff58ff"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 dqyzh6fpoxl85l6ihojo.png
images.folloze.com/image/upload/c_fill,f_auto,h_233,q_auto,w_348/v1646761014/ 15 KB
15 KB 150ms
149ms Image
image/webp 2a04:4e42:200::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.folloze.com/image/upload/c_fill,f_auto,h_233,q_auto,w_348/v1646761014/dqyzh6fpoxl85l6ihojo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

6aa9e1d2144dbc05956683069dc4af98fa03057ff0a661e4567b8f67ae526a52

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:19 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="dqyzh6fpoxl85l6ihojo.webp"
server-timing: fastly;dur=142;cpu=1;start=2022-04-22T15:16:18.990Z;desc=miss,rtt;dur=6,cloudinary;dur=51;start=2022-04-22T15:16:19.035Z
vary: Save-Data
content-length: 15436
last-modified: Wed, 09 Mar 2022 00:18:21 GMT
server: Cloudinary
etag: "00a434b87b43c240ca3079f922ae7665"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tigtn03nwx9kzfktdg64.png
images.folloze.com/image/upload/c_fill,f_auto,h_233,q_auto,w_348/v1646758200/ 11 KB
11 KB 197ms
196ms Image
image/webp 2a04:4e42:200::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.folloze.com/image/upload/c_fill,f_auto,h_233,q_auto,w_348/v1646758200/tigtn03nwx9kzfktdg64.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

a75c2e52993b33b78d47ac6c03dcaedc82a56b5070927d667508c75e3e6e0ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:19 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="tigtn03nwx9kzfktdg64.webp"
server-timing: fastly;dur=190;cpu=0;start=2022-04-22T15:16:18.990Z;desc=miss,rtt;dur=6,cloudinary;dur=96;start=2022-04-22T15:16:19.036Z
vary: Save-Data
content-length: 11224
last-modified: Wed, 09 Mar 2022 00:18:21 GMT
server: Cloudinary
etag: "53a0c0653ae5b4b90839557cc129210d"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 osutdxhjae9ab39dhfsa.png
images.folloze.com/image/upload/c_crop,h_1.00,r_0,w_0.81,x_0.00,y_0.00/c_fill,f_auto,h_233,q_auto,w_348/v1645081051/ 17 KB
18 KB 172ms
171ms Image
image/webp 2a04:4e42:200::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.folloze.com/image/upload/c_crop,h_1.00,r_0,w_0.81,x_0.00,y_0.00/c_fill,f_auto,h_233,q_auto,w_348/v1645081051/osutdxhjae9ab39dhfsa.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

baf28ba8127f0f30ef64f8907a2a28d413f2a18f8472ccf9d8b3599b4790b70b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:19 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="osutdxhjae9ab39dhfsa.webp"
server-timing: fastly;dur=163;cpu=1;start=2022-04-22T15:16:18.990Z;desc=miss,rtt;dur=6,cloudinary;dur=70;start=2022-04-22T15:16:19.038Z
vary: Save-Data
content-length: 17706
last-modified: Thu, 17 Feb 2022 07:00:22 GMT
server: Cloudinary
etag: "37d9598a4dce9d9f5824d2b0dbd966e0"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 lyiuzjtbwwm917gjz0so.png
images.folloze.com/image/upload/c_crop,h_0.52,r_0,w_1.00,x_0.00,y_0.00/c_fill,f_auto,h_233,q_auto,w_348/ 7 KB
7 KB 184ms
184ms Image
image/webp 2a04:4e42:200::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.folloze.com/image/upload/c_crop,h_0.52,r_0,w_1.00,x_0.00,y_0.00/c_fill,f_auto,h_233,q_auto,w_348/lyiuzjtbwwm917gjz0so.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

7e5262a2bf98894ffe0310d46c2851cb289028e579230628afbf08ebb127d7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:19 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="lyiuzjtbwwm917gjz0so.webp"
server-timing: fastly;dur=177;cpu=0;start=2022-04-22T15:16:18.990Z;desc=miss,rtt;dur=6,cloudinary;dur=83;start=2022-04-22T15:16:19.037Z
vary: Save-Data
content-length: 7194
last-modified: Thu, 17 Feb 2022 07:13:47 GMT
server: Cloudinary
etag: "b716f8a74d7ff322186a43fd9be07d59"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 t0cuvgm5b7znikf6du0l.png
images.folloze.com/image/upload/c_crop,h_0.79,r_0,w_1.00,x_0.00,y_0.00/c_fill,f_auto,h_233,q_auto,w_348/v1645056139/ 15 KB
15 KB 160ms
160ms Image
image/webp 2a04:4e42:200::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.folloze.com/image/upload/c_crop,h_0.79,r_0,w_1.00,x_0.00,y_0.00/c_fill,f_auto,h_233,q_auto,w_348/v1645056139/t0cuvgm5b7znikf6du0l.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

eea19be98366a929f6d40ec18b05aec5aec8acfb67320b74fd4c866a09a779fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:19 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="t0cuvgm5b7znikf6du0l.webp"
server-timing: fastly;dur=152;cpu=1;start=2022-04-22T15:16:18.990Z;desc=miss,rtt;dur=6,cloudinary;dur=56;start=2022-04-22T15:16:19.045Z
vary: Save-Data
content-length: 15488
last-modified: Thu, 17 Feb 2022 07:00:22 GMT
server: Cloudinary
etag: "a4d4b522f8add47a9a62c5450da9d263"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 evcryy1f8qdkognh0igk.png
images.folloze.com/image/upload/c_fill,f_auto,h_233,q_auto,w_348/v1615404451/ 10 KB
10 KB 159ms
159ms Image
image/webp 2a04:4e42:200::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.folloze.com/image/upload/c_fill,f_auto,h_233,q_auto,w_348/v1615404451/evcryy1f8qdkognh0igk.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

691b7b499a138a60c7ca88a501808b9078ab507049af2a933f8dbddc765d86b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:16:19 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="evcryy1f8qdkognh0igk.webp"
server-timing: fastly;dur=152;cpu=1;start=2022-04-22T15:16:18.990Z;desc=miss,rtt;dur=6,cloudinary;dur=61;start=2022-04-22T15:16:19.035Z
vary: Save-Data
content-length: 9850
last-modified: Tue, 15 Feb 2022 18:55:56 GMT
server: Cloudinary
etag: "72ccde6fc479a9ca31eb1919977b6bbf"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 200
OK 80e565cf6f Show response
bam-cell.nr-data.net/events/1/ 24 B
848 B 139ms
139ms XHR
image/gif 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/80e565cf6f?a=78940115&v=1216.487a282&to=IFpfRUAJCA8AER1cDxVQblNdBxYHShBGURIKVm5BUwEBEEoTR1IKClY%3D&rst=3968&ck=1&ref=https://connect.mandiant.com/sled
Requested by: Host: connect.mandiant.com
URL: https://connect.mandiant.com/sled
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://connect.mandiant.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
content-type: text/plain

Response headers

Date: Fri, 22 Apr 2022 15:16:19 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://connect.mandiant.com
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SS74OrJ%2FDW1ySBN%2BjWyxYeWMIXa0WnfhTYkI532Jh5%2FXLSdXmiNLHeYu3A%2FEXOfCG1U1yny%2BJyIEBhL28MV7C7O8sfE8w%2FV68Uv%2FrsOocEaghmkBMeRlszbhzrqLnM6%2F3TMU0SES"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 6fff51e2be829a18-FRA
Content-Length: 24

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 193ms
193ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=1322340356018696d853e0ac6f7ce3a2&svisitor=cfd5ce17b65d0000c0c66262240200006efa1601&session=8dfceeb6-7a3d-4d85-8a42-249bce27fcf7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2022%20Apr%202022%2015%3A16%3A19%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2022%20Apr%202022%2015%3A16%3A18%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223308%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Securing%20State%20and%20Local%20Governments%20%7C%20mandiant.com%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fconnect.mandiant.com%2Fsled&pageViewId=575906b9-eed2-4fd6-8f69-1bc329e23951&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 15:16:20 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 193ms
193ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=1322340356018696d853e0ac6f7ce3a2&svisitor=cfd5ce17b65d0000c0c66262240200006efa1601&session=8dfceeb6-7a3d-4d85-8a42-249bce27fcf7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2022%20Apr%202022%2015%3A16%3A20%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2022%20Apr%202022%2015%3A16%3A19%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224309%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Securing%20State%20and%20Local%20Governments%20%7C%20mandiant.com%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fconnect.mandiant.com%2Fsled&pageViewId=575906b9-eed2-4fd6-8f69-1bc329e23951&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 15:16:21 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 211ms
210ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=1322340356018696d853e0ac6f7ce3a2&svisitor=cfd5ce17b65d0000c0c66262240200006efa1601&session=8dfceeb6-7a3d-4d85-8a42-249bce27fcf7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2022%20Apr%202022%2015%3A16%3A21%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2022%20Apr%202022%2015%3A16%3A20%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225310%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Securing%20State%20and%20Local%20Governments%20%7C%20mandiant.com%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fconnect.mandiant.com%2Fsled&pageViewId=575906b9-eed2-4fd6-8f69-1bc329e23951&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 15:16:22 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 18:57:20 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502810-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 203ms
202ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=1322340356018696d853e0ac6f7ce3a2&svisitor=cfd5ce17b65d0000c0c66262240200006efa1601&session=8dfceeb6-7a3d-4d85-8a42-249bce27fcf7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2022%20Apr%202022%2015%3A16%3A22%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2022%20Apr%202022%2015%3A16%3A21%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%226314%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Securing%20State%20and%20Local%20Governments%20%7C%20mandiant.com%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fconnect.mandiant.com%2Fsled&pageViewId=575906b9-eed2-4fd6-8f69-1bc329e23951&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 15:16:23 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET img.gif
b.6sc.co/v1/beacon/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: abm2.listenloop.com
URL: https://abm2.listenloop.com/api/v1/public/page_views

Domain: b.6sc.co
URL: https://b.6sc.co/v1/beacon/img.gif?token=1322340356018696d853e0ac6f7ce3a2&svisitor=cfd5ce17b65d0000c0c66262240200006efa1601&session=8dfceeb6-7a3d-4d85-8a42-249bce27fcf7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2022%20Apr%202022%2015%3A16%3A23%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2022%20Apr%202022%2015%3A16%3A22%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%227315%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Securing%20State%20and%20Local%20Governments%20%7C%20mandiant.com%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fconnect.mandiant.com%2Fsled&pageViewId=575906b9-eed2-4fd6-8f69-1bc329e23951&an_uid=0

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.6sc.co/	1970-01-20 20:01:52	Name: 6suuid Value: cfd5ce17b65d0000c0c66262240200006efa1601
.bidr.io/	1970-01-20 11:59:14	Name: bito Value: AAC31E7ExY4AADv0z6wBEQ
.bidr.io/	1970-01-20 11:59:14	Name: bitoIsSecure Value: ok
connect.mandiant.com/	1970-01-20 11:16:16	Name: ipqsd Value: 1259325167
connect.mandiant.com/	1970-01-20 20:01:52	Name: _gd_visitor Value: d50c7d1c-1bbd-4e05-8869-30f34af9ec8b
connect.mandiant.com/	1970-01-20 02:30:54	Name: _gd_session Value: 8dfceeb6-7a3d-4d85-8a42-249bce27fcf7
connect.mandiant.com/	1970-01-20 20:01:52	Name: _gd_svisitor Value: cfd5ce17b65d0000c0c66262240200006efa1601
connect.mandiant.com/	1970-01-20 02:40:45	Name: _an_uid Value: 0
.connect.mandiant.com/	1970-01-24 00:59:02	Name: fingerprint_1650640578243 Value: undefined-1650640578243
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: fa1ecb2118053f73
.mandiant.com/	1969-12-31 23:59:59	Name: folloze_lead Value: BAhJIkF7ImxlYWRfaWQiOjIzOTg1NjAzLCJvcmdhbml6YXRpb25fbGVhZCI6eyIxMzUyODQiOjIzOTg1NjAzfX0GOgZFVA%3D%3D--8396202baae7da736ae1acfeb4ae2ef2e209e98e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abm2.listenloop.com
ajax.googleapis.com
b.6sc.co
bam-cell.nr-data.net
c.6sc.co
cdn.folloze.com
cdn.jsdelivr.net
cdn.polyfill.io
connect.mandiant.com
fn.us.ipsec.folloze.com
folloze-pingy.herokuapp.com
fonts.googleapis.com
fonts.gstatic.com
images.folloze.com
ipsec.folloze.com
j.6sc.co
js-agent.newrelic.com
secure.adnxs.com
segment.prod.bidr.io
unpkg.com
v2.listenloop.com
abm2.listenloop.com
b.6sc.co
151.101.2.137
162.247.243.146
185.33.221.14
192.158.224.59
2606:4700::6810:5714
2606:4700::6810:7daf
2a00:1450:4001:803::2003
2a00:1450:4001:810::200a
2a00:1450:4001:812::200a
2a02:26f0:6c00::210:ba28
2a04:4e42:200::282
2a04:4e42:200::614
2a06:98c1:3121::7
3.209.172.72
52.19.155.47
54.88.152.191
96.16.137.162
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10f0a4e08c91b1a420e978f37877d9bc2db3db3d1e60d00635f325b2bd9deeeb
1cddcd88d3332d560856627ab2cecc7d9aa6c9d616729701ae13902d1671d0b0
1ff6f7652cf237cca0cecd366272354339e20249b61bb86195f7e9b9162f8b29
22482584aeaa7b1d74de072793246c65e38b402ac231f38bb0d9102802543230
25b66e1a79c86b237ebdaaff35ca70f2f6c5afd5f0a873913797621900bc6c3b
2707e48726a3f7ec48a1d1aec9738f20b36bac1535cfa9de2e4d92310c4e7e7a
2a093870b17affd099781ef48f6656f4fbbca663206e789e108cfd189d25da86
2ed1eb5cd12a9a36fd106ab8e57361801c1ef1ded2bc41eb7cc00b1598a6352f
2f77b164c0d08c7067c8bb6d81e73db6eb7979be1e0f8ca19dff44200f00084f
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
331efcb891c0aec16bcb8dc80c1cbe64e689a29544e73d18696bea4d5d4ca189
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3b656888f5dc52d9ca59310ec6c56e06c6c2fcdf9471e6e8d1712d31e71c1a96
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
56bf97572cc7de5a19131a062e5e0e64ffa38dc71e87cdfa7c0e481e15f2d628
5ae8700443fc983759158a39c68464e20c41574eb4520cc9ef95fb1f4737389a
5e52b5c49da466071af48ecc9fc5345a596fc3bd4e03ccf327cec64beb72c6f5
63d12fca9fae33bfc7f1483b2a04fdb4e7c55f0563c6a44acefd81b86392b5bc
691b7b499a138a60c7ca88a501808b9078ab507049af2a933f8dbddc765d86b6
6aa9e1d2144dbc05956683069dc4af98fa03057ff0a661e4567b8f67ae526a52
6abe5b4a45660d2e1c1a6f439d996d8a69a7a1a472be169c3121ade517b7ab05
79a4602aac4ffd6534295c008c3ba1de604231ce9294a4e22b947ed4a01be2d4
7b41cc6d77b0bfd50a0a3f86c2c2cd76369600451e503a05eb1722c2d60c25e8
7e5262a2bf98894ffe0310d46c2851cb289028e579230628afbf08ebb127d7c0
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a646636a972c54182f938d60876e21a6dd45e1dd86363c735a10cb8f378d7c6
924673bdd3c8a7a72a903ea2aa164cd6eff154ed4c1e1194370edabec4fb3beb
9ff1dc09eabf6193391626ecc2e2f56c5626cbf1b57b7b48a1c6fdd0f746b878
a19b5ddb60e0e37db84cd65b158f1e46e0c7b4eccc3665f901d8d995971f65fa
a75c2e52993b33b78d47ac6c03dcaedc82a56b5070927d667508c75e3e6e0ca4
b7c27cb4ececef7870a3883efefe00d6c0d5c6d8fd448f65c0f22b748690744e
b9446bebca721873c0f9260e975ff449fb9ad6909d18ac3b51ab032abf6132b4
baf28ba8127f0f30ef64f8907a2a28d413f2a18f8472ccf9d8b3599b4790b70b
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc9b3fe976ba2bf33283a5ee6ed92e1714de57b3791c9c4ae9604dc65d6eb46f
c52e2cf296b4eeef0eead53ae9024c5f28a19e5bc7b327044f7b68a6af4869a8
c667ee514f7a7e676bf1c78bf95308ef1c90a20f258278deae37872f9407438b
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d597dd68b451a35af7e7f1f310645e93e9f6d0cafd18924ca17adc137a853d7a
d6efc9d998ed1de49dcb13acc56351087d0b1ff8836d84f163e6a22c65cf15dd
d790a98e11dd2f3e44496ac190929f9c59cec776b029c0fd2b6ac4a93c0b8c7b
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eea19be98366a929f6d40ec18b05aec5aec8acfb67320b74fd4c866a09a779fa
f39a56d86e98fa60dbf431c53823e713ff21b2ce2af59890aa49c6ba33ed1190
fc5ed7beae7dfc9edeefb2b9dc5acc2e4bf36b97f1d69c4783088eb03be33053
fe736b2a325b166094d1764188fe05898710458b2ec52c158d11a149005a2118

connect.mandiant.com Open in urlscan Pro 2a02:26f0:6c00::210:ba28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

94 %HTTPS

53 %IPv6

14 Domains

21 Subdomains

18 IPs

4 Countries

1391 kBTransfer

3769 kBSize

11 Cookies

3 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

connect.mandiant.com Open in urlscan Pro
2a02:26f0:6c00::210:ba28 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

94 %
HTTPS

53 %
IPv6

14
Domains

21
Subdomains

18
IPs

4
Countries

1391 kB
Transfer

3769 kB
Size

11
Cookies

67 HTTP transactions
0 data transactions