etp.us.fireeyegov.com Open in urlscan Pro
2606:4700::6810:6a2a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://etp.us.fireeyegov.com/public/quarantine/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b804685b6/
Submission: On November 18 via manual (November 18th 2021, 5:57:53 am UTC) from US — Scanned from US

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 2606:4700::6810:6a2a, located in United States and belongs to CLOUDFLARENET, US. The main domain is etp.us.fireeyegov.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2021. Valid for: a year.

This is the only time etp.us.fireeyegov.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 17	2606:4700::68... 2606:4700::6810:6a2a		13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2

17 2606:4700::6810:6a2a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

etp.us.fireeyegov.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	fireeyegov.com 1 redirects etp.us.fireeyegov.com	983 KB
16	1

	Domain	Requested by
17	etp.us.fireeyegov.com	1 redirects etp.us.fireeyegov.com
16	1

This site contains no links.

Subject Issuer	Validity	Valid
fireeyegov.com Cloudflare Inc ECC CA-3	`2021-06-06` - `2022-06-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://etp.us.fireeyegov.com/public/quarantine/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b804685b6/
Frame ID: F3D7BA6EBB0E7319A5C961571531F929
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FireEye - Email Security

Page URL History Show full URLs

https://etp.us.fireeyegov.com/public/quarantine/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b80... HTTP 301
https://etp.us.fireeyegov.com/public/quarantine/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b80... Page URL

Page Statistics

16
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

982 kB
Transfer

2885 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://etp.us.fireeyegov.com/public/quarantine/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b804685b6 HTTP 301
https://etp.us.fireeyegov.com/public/quarantine/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b804685b6/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
etp.us.fireeyegov.com/public/quarantine/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b804685b6/
Redirect Chain

https://etp.us.fireeyegov.com/public/quarantine/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b804685b6
https://etp.us.fireeyegov.com/public/quarantine/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b804685b6/

5 KB
2 KB

292ms
291ms

Document
text/html

2606:4700::6810:6a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://etp.us.fireeyegov.com/public/quarantine/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b804685b6/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:6a2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d91243701e4d186097c4a6c7a9ffda70d652803d10614c47811a870dc8b33a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

date: Thu, 18 Nov 2021 05:57:47 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: http://fireeye.com https://fireeye.com http://fireeyegov.com https://fireeyegov.com http://mandiant.com https://mandiant.com
cache-control: max-age=0
content-language: en
expires: Thu, 18 Nov 2021 05:57:47 GMT
last-modified: Thu, 18 Nov 2021 05:57:47 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Cookie, Accept-Language
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6afef69c3aeb52b9-LAX
content-encoding: gzip

Redirect headers

date: Thu, 18 Nov 2021 05:57:47 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: http://fireeye.com https://fireeye.com http://fireeyegov.com https://fireeyegov.com http://mandiant.com https://mandiant.com
cache-control: max-age=0
content-language: en
expires: Thu, 18 Nov 2021 05:57:47 GMT
last-modified: Thu, 18 Nov 2021 05:57:47 GMT
location: https://etp.us.fireeyegov.com/public/quarantine/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b804685b6/
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Language
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6afef69ac85752b9-LAX

GET
H2 200 ondemand-vendor-min.css
etp.us.fireeyegov.com/static/css/etpcss/prod/ 404 KB
65 KB 200ms
200ms Stylesheet
text/css 2606:4700::6810:6a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://etp.us.fireeyegov.com/static/css/etpcss/prod/ondemand-vendor-min.css

Requested by

Host: etp.us.fireeyegov.com
URL: https://etp.us.fireeyegov.com/public/quarantine/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b804685b6/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:6a2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af0f31e36025873a7e10323d8ec0f176b7e4782ed8b5b3ec707e2c28433a7176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://etp.us.fireeyegov.com/public/quarantine/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b804685b6/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 05:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 11:21:14 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"614db4aa-64fab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: text/css
access-control-allow-origin: http://fireeye.com https://fireeye.com http://fireeyegov.com https://fireeyegov.com http://mandiant.com https://mandiant.com
cache-control: public, max-age=14400
cf-ray: 6afef69e2f0f52b9-LAX
expires: Thu, 18 Nov 2021 09:57:47 GMT

GET
H2 200 ondemand-app-min.css
etp.us.fireeyegov.com/static/css/etpcss/prod/ 125 KB
35 KB 337ms
336ms Stylesheet
text/css 2606:4700::6810:6a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://etp.us.fireeyegov.com/static/css/etpcss/prod/ondemand-app-min.css

Requested by

Host: etp.us.fireeyegov.com
URL: https://etp.us.fireeyegov.com/public/quarantine/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b804685b6/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:6a2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92cb2ba23a3329c9df76356f47682ca2cb9d9a1a5ee3ed708ddf99b2a8149250

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://etp.us.fireeyegov.com/public/quarantine/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b804685b6/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 05:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 11:21:14 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"614db4aa-1f35e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: text/css
access-control-allow-origin: http://fireeye.com https://fireeye.com http://fireeyegov.com https://fireeyegov.com http://mandiant.com https://mandiant.com
cache-control: public, max-age=14400
cf-ray: 6afef69e2f1252b9-LAX
expires: Thu, 18 Nov 2021 09:57:48 GMT

GET
H2 200 ondemand-vendor-min.js Show response
etp.us.fireeyegov.com/static/scripts/etpjs/prod/ 1 MB
422 KB 440ms
440ms Script
application/javascript 2606:4700::6810:6a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://etp.us.fireeyegov.com/static/scripts/etpjs/prod/ondemand-vendor-min.js

Requested by

Host: etp.us.fireeyegov.com
URL: https://etp.us.fireeyegov.com/public/quarantine/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b804685b6/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:6a2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba5ca101c6224d48281de2b90eed3d14f6635d01f487a153d7a386f17fb274a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://etp.us.fireeyegov.com/public/quarantine/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b804685b6/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 05:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 11:21:15 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"614db4ab-159b3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: application/javascript
access-control-allow-origin: http://fireeye.com https://fireeye.com http://fireeyegov.com https://fireeyegov.com http://mandiant.com https://mandiant.com
cache-control: public, max-age=14400
cf-ray: 6afef69e2f1452b9-LAX
expires: Thu, 18 Nov 2021 09:57:48 GMT

GET
H2 200 ondemand-app-min.js Show response
etp.us.fireeyegov.com/static/scripts/etpjs/prod/ 617 KB
123 KB 267ms
267ms Script
application/javascript 2606:4700::6810:6a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://etp.us.fireeyegov.com/static/scripts/etpjs/prod/ondemand-app-min.js

Requested by

Host: etp.us.fireeyegov.com
URL: https://etp.us.fireeyegov.com/public/quarantine/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b804685b6/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:6a2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

555cd772e3534f109d117ac042a9d4ee28ede433c18aa58cf879cb844141d32c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://etp.us.fireeyegov.com/public/quarantine/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b804685b6/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 05:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 11:21:14 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"614db4aa-9a2fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: application/javascript
access-control-allow-origin: http://fireeye.com https://fireeye.com http://fireeyegov.com https://fireeyegov.com http://mandiant.com https://mandiant.com
cache-control: public, max-age=14400
cf-ray: 6afef69e2f1652b9-LAX
expires: Thu, 18 Nov 2021 09:57:47 GMT

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca8da9226104be4d768dd4bdff3f066d6dfdaa0ecaacfa33bfb7a835de93f5fb

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 OpenSans-Semibold.woff2
etp.us.fireeyegov.com/static/fonts/Semibold/ 62 KB
62 KB 195ms
195ms Font
font/woff2 2606:4700::6810:6a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://etp.us.fireeyegov.com/static/fonts/Semibold/OpenSans-Semibold.woff2?v=1.1.0

Requested by

Host: etp.us.fireeyegov.com
URL: https://etp.us.fireeyegov.com/static/css/etpcss/prod/ondemand-vendor-min.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:6a2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df0231affb521137bf135898b6ce4c2ce59a79e3e23068a673868366c7ac68bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://etp.us.fireeyegov.com/static/css/etpcss/prod/ondemand-vendor-min.css
Origin: https://etp.us.fireeyegov.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 05:57:48 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding
content-length: 63728
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 11:21:14 GMT
server: cloudflare
x-frame-options: DENY
etag: "614db4aa-f8f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: font/woff2
access-control-allow-origin: http://fireeye.com https://fireeye.com http://fireeyegov.com https://fireeyegov.com http://mandiant.com https://mandiant.com
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6afef6a2685c52b9-LAX
expires: Thu, 18 Nov 2021 09:57:48 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
etp.us.fireeyegov.com/static/fonts/bootstrap/ 18 KB
18 KB 202ms
201ms Font
font/woff2 2606:4700::6810:6a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://etp.us.fireeyegov.com/static/fonts/bootstrap/glyphicons-halflings-regular.woff2

Requested by

Host: etp.us.fireeyegov.com
URL: https://etp.us.fireeyegov.com/static/css/etpcss/prod/ondemand-vendor-min.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:6a2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://etp.us.fireeyegov.com/static/css/etpcss/prod/ondemand-vendor-min.css
Origin: https://etp.us.fireeyegov.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 05:57:48 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding
content-length: 18028
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 11:21:14 GMT
server: cloudflare
x-frame-options: DENY
etag: "614db4aa-466c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: font/woff2
access-control-allow-origin: http://fireeye.com https://fireeye.com http://fireeyegov.com https://fireeyegov.com http://mandiant.com https://mandiant.com
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6afef6a2686352b9-LAX
expires: Thu, 18 Nov 2021 09:57:48 GMT

GET
H2 200 / Show response
etp.us.fireeyegov.com/public/filters/quarantine/ 424 B
434 B 262ms
261ms XHR
application/json 2606:4700::6810:6a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://etp.us.fireeyegov.com/public/filters/quarantine/

Requested by

Host: etp.us.fireeyegov.com
URL: https://etp.us.fireeyegov.com/static/scripts/etpjs/prod/ondemand-vendor-min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:6a2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f9384233c518e9437e70d20495008f4d91bc3dac64d1660aa815f2079c11986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://etp.us.fireeyegov.com/public/quarantine/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b804685b6/
X-Requested-With: XMLHttpRequest
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
X-CSRFToken: C5I4jegrxIA9T4F5Dd3v6zkcp5O02CkI

Response headers

date: Thu, 18 Nov 2021 05:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
vary: Cookie, Accept-Language
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Nov 2021 05:57:48 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-language: en
content-type: application/json
access-control-allow-origin: http://fireeye.com https://fireeye.com http://fireeyegov.com https://fireeyegov.com http://mandiant.com https://mandiant.com
cache-control: max-age=0
cf-ray: 6afef6a2f99452b9-LAX
expires: Thu, 18 Nov 2021 05:57:48 GMT

GET
H2 200 OpenSans-Bold.woff2
etp.us.fireeyegov.com/static/fonts/Bold/ 46 KB
46 KB 191ms
191ms Font
font/woff2 2606:4700::6810:6a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://etp.us.fireeyegov.com/static/fonts/Bold/OpenSans-Bold.woff2?v=1.1.0

Requested by

Host: etp.us.fireeyegov.com
URL: https://etp.us.fireeyegov.com/static/css/etpcss/prod/ondemand-vendor-min.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:6a2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://etp.us.fireeyegov.com/static/css/etpcss/prod/ondemand-vendor-min.css
Origin: https://etp.us.fireeyegov.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 05:57:48 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding
content-length: 46676
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 11:21:14 GMT
server: cloudflare
x-frame-options: DENY
etag: "614db4aa-b654"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: font/woff2
access-control-allow-origin: http://fireeye.com https://fireeye.com http://fireeyegov.com https://fireeyegov.com http://mandiant.com https://mandiant.com
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6afef6a309b452b9-LAX
expires: Thu, 18 Nov 2021 09:57:48 GMT

GET
H2 200 / Show response
etp.us.fireeyegov.com/public/quarantine/json/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b804685b6/ 15 KB
4 KB 341ms
340ms XHR
application/json 2606:4700::6810:6a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://etp.us.fireeyegov.com/public/quarantine/json/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b804685b6/?sEcho=1&start=0&rowCount=20&sortCol=date&sortDir=asc&isSearch=true&searchQuery=%7B%22traffic_type%22%3A%22in%22%7D&csrfmiddlewaretoken=C5I4jegrxIA9T4F5Dd3v6zkcp5O02CkI

Requested by

Host: etp.us.fireeyegov.com
URL: https://etp.us.fireeyegov.com/static/scripts/etpjs/prod/ondemand-vendor-min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:6a2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b8897fdff39b6f0a14365b8edcfc6d67440eacabe2be6c25d3ecc9131becdaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://etp.us.fireeyegov.com/public/quarantine/82e523e89933450490401748aa8cb3138f10097d3f1949289844008b804685b6/
X-Requested-With: XMLHttpRequest
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 05:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
vary: Cookie, Accept-Language
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Nov 2021 05:57:48 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-language: en
content-type: application/json
access-control-allow-origin: http://fireeye.com https://fireeye.com http://fireeyegov.com https://fireeyegov.com http://mandiant.com https://mandiant.com
cache-control: max-age=0
cf-ray: 6afef6a34a5052b9-LAX
expires: Thu, 18 Nov 2021 05:57:48 GMT

GET
H2 200 OpenSans-SemiboldItalic.woff2
etp.us.fireeyegov.com/static/fonts/SemiboldItalic/ 55 KB
55 KB 215ms
215ms Font
font/woff2 2606:4700::6810:6a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://etp.us.fireeyegov.com/static/fonts/SemiboldItalic/OpenSans-SemiboldItalic.woff2?v=1.1.0

Requested by

Host: etp.us.fireeyegov.com
URL: https://etp.us.fireeyegov.com/static/css/etpcss/prod/ondemand-vendor-min.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:6a2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c084b2efe49e82face612ec84ef7057f374c5a4f9f77c911005bf32448a455e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://etp.us.fireeyegov.com/static/css/etpcss/prod/ondemand-vendor-min.css
Origin: https://etp.us.fireeyegov.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 05:57:48 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding
content-length: 56660
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 11:21:14 GMT
server: cloudflare
x-frame-options: DENY
etag: "614db4aa-dd54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: font/woff2
access-control-allow-origin: http://fireeye.com https://fireeye.com http://fireeyegov.com https://fireeyegov.com http://mandiant.com https://mandiant.com
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6afef6a34a5752b9-LAX
expires: Thu, 18 Nov 2021 09:57:48 GMT

GET
H2 200 OpenSans-Regular.woff2
etp.us.fireeyegov.com/static/fonts/Regular/ 46 KB
46 KB 269ms
269ms Font
font/woff2 2606:4700::6810:6a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://etp.us.fireeyegov.com/static/fonts/Regular/OpenSans-Regular.woff2?v=1.1.0

Requested by

Host: etp.us.fireeyegov.com
URL: https://etp.us.fireeyegov.com/static/css/etpcss/prod/ondemand-vendor-min.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:6a2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://etp.us.fireeyegov.com/static/css/etpcss/prod/ondemand-vendor-min.css
Origin: https://etp.us.fireeyegov.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 05:57:48 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding
content-length: 47016
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 11:21:14 GMT
server: cloudflare
x-frame-options: DENY
etag: "614db4aa-b7a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: font/woff2
access-control-allow-origin: http://fireeye.com https://fireeye.com http://fireeyegov.com https://fireeyegov.com http://mandiant.com https://mandiant.com
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6afef6a35a7c52b9-LAX
expires: Thu, 18 Nov 2021 09:57:48 GMT

GET
H2 200 sort_asc.png
etp.us.fireeyegov.com/static/images/ 3 KB
3 KB 273ms
272ms Image
image/png 2606:4700::6810:6a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etp.us.fireeyegov.com/static/images/sort_asc.png

Requested by

Host: etp.us.fireeyegov.com
URL: https://etp.us.fireeyegov.com/static/css/etpcss/prod/ondemand-app-min.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:6a2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f579b2ecee6c22c2d93f442ae496f6fa6ace55575e9f5bfa3a18c6eaa2a459c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://etp.us.fireeyegov.com/static/css/etpcss/prod/ondemand-app-min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 05:57:49 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding
content-length: 2861
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 11:21:14 GMT
server: cloudflare
x-frame-options: DENY
etag: "614db4aa-b2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
access-control-allow-origin: http://fireeye.com https://fireeye.com http://fireeyegov.com https://fireeyegov.com http://mandiant.com https://mandiant.com
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6afef6a5a83652b9-LAX
expires: Thu, 18 Nov 2021 09:57:49 GMT

GET
H2 200 details_open.png
etp.us.fireeyegov.com/static/images/ 1022 B
1 KB 197ms
197ms Image
image/png 2606:4700::6810:6a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etp.us.fireeyegov.com/static/images/details_open.png

Requested by

Host: etp.us.fireeyegov.com
URL: https://etp.us.fireeyegov.com/static/css/etpcss/prod/ondemand-app-min.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:6a2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59f6cf28ef7cc2d3d82c161b4103cb71ea4faece5d72d557bde22302fd65372e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://etp.us.fireeyegov.com/static/css/etpcss/prod/ondemand-app-min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 05:57:49 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding
content-length: 1022
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 11:21:14 GMT
server: cloudflare
x-frame-options: DENY
etag: "614db4aa-3fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
access-control-allow-origin: http://fireeye.com https://fireeye.com http://fireeyegov.com https://fireeyegov.com http://mandiant.com https://mandiant.com
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6afef6a5a83752b9-LAX
expires: Thu, 18 Nov 2021 09:57:49 GMT

GET
H2 200 flags.png
etp.us.fireeyegov.com/static/images/ 94 KB
94 KB 209ms
208ms Image
image/png 2606:4700::6810:6a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etp.us.fireeyegov.com/static/images/flags.png

Requested by

Host: etp.us.fireeyegov.com
URL: https://etp.us.fireeyegov.com/static/css/etpcss/prod/ondemand-app-min.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:6a2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e4dbac85b1a4ee187a76c9125a742c95bd5b39e28d61d266d82b477f375333c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://etp.us.fireeyegov.com/static/css/etpcss/prod/ondemand-app-min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 05:57:49 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding
content-length: 96390
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 11:21:14 GMT
server: cloudflare
x-frame-options: DENY
etag: "614db4aa-17886"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
access-control-allow-origin: http://fireeye.com https://fireeye.com http://fireeyegov.com https://fireeyegov.com http://mandiant.com https://mandiant.com
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6afef6a5a83952b9-LAX
expires: Thu, 18 Nov 2021 09:57:49 GMT

GET
H2 200 verdict.png
etp.us.fireeyegov.com/static/images/ 6 KB
6 KB 204ms
204ms Image
image/png 2606:4700::6810:6a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://etp.us.fireeyegov.com/static/images/verdict.png

Requested by

Host: etp.us.fireeyegov.com
URL: https://etp.us.fireeyegov.com/static/css/etpcss/prod/ondemand-app-min.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:6a2a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de78b2e22edb441a8a40d19ecb8cc17bdfb273605be89c2f97e34f33b135531a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://etp.us.fireeyegov.com/static/css/etpcss/prod/ondemand-app-min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 05:57:49 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding
content-length: 6216
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 11:21:14 GMT
server: cloudflare
x-frame-options: DENY
etag: "614db4aa-1848"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains;
content-type: image/png
access-control-allow-origin: http://fireeye.com https://fireeye.com http://fireeyegov.com https://fireeyegov.com http://mandiant.com https://mandiant.com
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6afef6a5a83c52b9-LAX
expires: Thu, 18 Nov 2021 09:57:49 GMT

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			etp.us.fireeyegov.com/	1970-01-20 07:31:04	Name: csrftoken Value: C5I4jegrxIA9T4F5Dd3v6zkcp5O02CkI
			etp.us.fireeyegov.com/	1970-01-19 22:46:55	Name: sessionid Value: 7ommm9me9s9g9hvettifca7d1th6grv0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

etp.us.fireeyegov.com
2606:4700::6810:6a2a
0c084b2efe49e82face612ec84ef7057f374c5a4f9f77c911005bf32448a455e
1b8897fdff39b6f0a14365b8edcfc6d67440eacabe2be6c25d3ecc9131becdaa
4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3
555cd772e3534f109d117ac042a9d4ee28ede433c18aa58cf879cb844141d32c
59f6cf28ef7cc2d3d82c161b4103cb71ea4faece5d72d557bde22302fd65372e
5e4dbac85b1a4ee187a76c9125a742c95bd5b39e28d61d266d82b477f375333c
5f579b2ecee6c22c2d93f442ae496f6fa6ace55575e9f5bfa3a18c6eaa2a459c
6f9384233c518e9437e70d20495008f4d91bc3dac64d1660aa815f2079c11986
92cb2ba23a3329c9df76356f47682ca2cb9d9a1a5ee3ed708ddf99b2a8149250
af0f31e36025873a7e10323d8ec0f176b7e4782ed8b5b3ec707e2c28433a7176
ba5ca101c6224d48281de2b90eed3d14f6635d01f487a153d7a386f17fb274a8
c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f
ca8da9226104be4d768dd4bdff3f066d6dfdaa0ecaacfa33bfb7a835de93f5fb
d91243701e4d186097c4a6c7a9ffda70d652803d10614c47811a870dc8b33a6e
de78b2e22edb441a8a40d19ecb8cc17bdfb273605be89c2f97e34f33b135531a
df0231affb521137bf135898b6ce4c2ce59a79e3e23068a673868366c7ac68bb
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

etp.us.fireeyegov.com Open in urlscan Pro 2606:4700::6810:6a2a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

16 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

982 kBTransfer

2885 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

etp.us.fireeyegov.com Open in urlscan Pro
2606:4700::6810:6a2a Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

982 kB
Transfer

2885 kB
Size

2
Cookies

16 HTTP transactions
1 data transactions