www.mandiant.com Open in urlscan Pro
2606:4700:300b::a29f:f17d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/wp-windows-management-instrumentation.pdf
Effective URL:
https://www.mandiant.com/resources/reports
Submission: On February 19 via api (February 19th 2024, 8:49:11 pm UTC) from US — Scanned from DE

Summary HTTP 101 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 31 IPs in 3 countries across 25 domains to perform 101 HTTP transactions. The main IP is 2606:4700:300b::a29f:f17d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mandiant.com. The Cisco Umbrella rank of the primary domain is 377773.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 2nd 2023. Valid for: a year.

This is the only time www.mandiant.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:300... 2606:4700:300b::a29f:f67d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 33	2606:4700:300... 2606:4700:300b::a29f:f17d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:310... 2606:4700:3108::ac42:2ad3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
2	2a02:26f0:780... 2a02:26f0:780::210:a420	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
2	23.197.137.224 23.197.137.224	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6811:4341	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	18.164.52.121 18.164.52.121	16509 (AMAZON-02) (AMAZON-02)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
2	54.205.198.24 54.205.198.24	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
8	23.53.43.58 23.53.43.58	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:ab0... 2a02:26f0:ab00::214:8e70	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
101	31

1 2606:4700:300b::a29f:f67d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.fireeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2606:4700:300b::a29f:f17d (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.mandiant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2ad3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn4.iconfinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:780::210:a420 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.197.137.224 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-137-224.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4341 (United States)

ASN13335 (CLOUDFLARENET, US)

scout-cdn.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.52.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-121.cdg50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

565-pei-952.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.205.198.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-198-24.compute-1.amazonaws.com

scout.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.53.43.58 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-43-58.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ab00::214:8e70 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	mandiant.com 2 redirects www.mandiant.com — Cisco Umbrella Rank: 377773	6 MB
14	gstatic.com www.gstatic.com fonts.gstatic.com	1 MB
10	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2400	76 KB
9	6sc.co j.6sc.co — Cisco Umbrella Rank: 6461 c.6sc.co — Cisco Umbrella Rank: 9771 ipv6.6sc.co — Cisco Umbrella Rank: 6648 b.6sc.co — Cisco Umbrella Rank: 4424	21 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 391 www.linkedin.com — Cisco Umbrella Rank: 643 px4.ads.linkedin.com — Cisco Umbrella Rank: 6482	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	21 KB
3	salesloft.com scout-cdn.salesloft.com — Cisco Umbrella Rank: 11800 scout.salesloft.com — Cisco Umbrella Rank: 15048	4 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 409	14 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4212	29 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 113	403 B
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 4365	7 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 825 script.hotjar.com — Cisco Umbrella Rank: 1119	59 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	69 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1036	17 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	208 KB
1	mktoresp.com 565-pei-952.mktoresp.com	318 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	185 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 935	396 B
1	t.co t.co — Cisco Umbrella Rank: 641	376 B
1	google.de www.google.de — Cisco Umbrella Rank: 5654	408 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 916	15 KB
1	iconfinder.com cdn4.iconfinder.com — Cisco Umbrella Rank: 114551	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 257	5 KB
1	fireeye.com 1 redirects www.fireeye.com — Cisco Umbrella Rank: 844923	163 B
101	25

	Domain	Requested by
33	www.mandiant.com	2 redirects www.mandiant.com
12	www.gstatic.com	www.mandiant.com www.google.com www.gstatic.com
9	www.google.com	www.mandiant.com www.gstatic.com www.google.com
6	b.6sc.co
4	px.ads.linkedin.com	3 redirects snap.licdn.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.mandiant.com
3	static.addtoany.com	www.mandiant.com static.addtoany.com
2	fonts.gstatic.com	fonts.googleapis.com
2	scout.salesloft.com	scout-cdn.salesloft.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	munchkin.marketo.net	www.mandiant.com munchkin.marketo.net
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	www.googletagmanager.com	www.mandiant.com www.googletagmanager.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	j.6sc.co	www.mandiant.com
1	565-pei-952.mktoresp.com	munchkin.marketo.net
1	www.facebook.com	www.mandiant.com
1	analytics.twitter.com	www.mandiant.com
1	t.co	www.mandiant.com
1	px4.ads.linkedin.com	www.mandiant.com
1	www.linkedin.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	www.google.de	www.mandiant.com
1	region1.analytics.google.com	www.googletagmanager.com
1	scout-cdn.salesloft.com	www.mandiant.com
1	static.hotjar.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	cdn4.iconfinder.com	www.mandiant.com
1	fonts.googleapis.com	www.mandiant.com
1	cdnjs.cloudflare.com	www.mandiant.com
1	www.fireeye.com	1 redirects
101	34

This site contains links to these domains. Also see Links.

Domain
policies.google.com
cloud.google.com
careers.google.com
login.mandiant.com
www.mandiant.fr
www.mandiant.de
www.mandiant.it
www.mandiant.jp
www.mandiant.kr
www.mandiant.es
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
selling.mandiant.com

Subject Issuer	Validity	Valid
mandiant.com Cloudflare Inc ECC CA-3	`2023-04-02` - `2024-04-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
iconfinder.com E1	`2024-01-31` - `2024-04-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
static.addtoany.com E1	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-29` - `2024-02-27`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
salesloft.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
6sc.co R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.mandiant.com/resources/reports
Frame ID: 0E9B56E153E01367D351C2985301EEE9
Requests: 84 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: E8D57CE667A5B1B12F0C85E936699859
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=normal&cb=ao5at8vu3guc
Frame ID: 0E660EA1D30FBBC44FE58491B54C482F
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=compact&cb=af7js7ecph4
Frame ID: EA4E1DB3D60EEA19958E15BC9D1D0F34
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Frame ID: C48D7EB8E01CFD0F887F39F7D897F73C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Frame ID: DEBA5D2CC1213FF94C2E0763E223290D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Threat Intelligence Reports | Cyber Security Threats & Attacks

Page URL History Show full URLs

https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/wp-windows-management... HTTP 301
https://www.mandiant.com/resources/windows-management-instrumentation-wmi-offense-defense-and-forensics HTTP 301
https://www.mandiant.com/node/7221 HTTP 301
https://www.mandiant.com/resources/reports Page URL

Detected technologies

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

101
Requests

98 %
HTTPS

68 %
IPv6

25
Domains

34
Subdomains

31
IPs

3
Countries

8314 kB
Transfer

12304 kB
Size

28
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/technologies/cookies?hl=en
Title: Learn more

Search URL Search Domain Scan URL

URL: https://cloud.google.com/security/sec-ops
Title: Breach Analytics for Chronicle Know what we know when we know it

Search URL Search Domain Scan URL

URL: https://careers.google.com/
Title: Careers Life at Mandiant and open roles

Search URL Search Domain Scan URL

URL: https://login.mandiant.com/
Title: Sign in to Advantage

Search URL Search Domain Scan URL

URL: https://www.mandiant.fr/
Title: Français

Search URL Search Domain Scan URL

URL: https://www.mandiant.de/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://www.mandiant.it/
Title: Italiano

Search URL Search Domain Scan URL

URL: https://www.mandiant.jp/
Title: 日本

Search URL Search Domain Scan URL

URL: https://www.mandiant.kr/
Title: 한국어

Search URL Search Domain Scan URL

URL: https://www.mandiant.es/
Title: Español

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Mandiant

Search URL Search Domain Scan URL

URL: https://twitter.com/Mandiant

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCexu0DP7VKdDByusuTA53FQ

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mandiant/

Search URL Search Domain Scan URL

URL: https://selling.mandiant.com/mandiant/sso.aspx
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy?hl=en-US
Title: Website Privacy Policy

Search URL Search Domain Scan URL

URL: https://cloud.google.com/product-terms#section-15
Title: Terms & Conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/wp-windows-management-instrumentation.pdf HTTP 301
https://www.mandiant.com/resources/windows-management-instrumentation-wmi-offense-defense-and-forensics HTTP 301
https://www.mandiant.com/node/7221 HTTP 301
https://www.mandiant.com/resources/reports Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1708375745053&li_adsId=967a6f18-2681-42e4-9eb3-38e1389ab76a&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1708375745053&li_adsId=967a6f18-2681-42e4-9eb3-38e1389ab76a&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3460746%26time%3D1708375745053%26li_adsId%3D967a6f18-2681-42e4-9eb3-38e1389ab76a%26url%3Dhttps%253A%252F%252Fwww.mandiant.com%252Fresources%252Freports%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1708375745053&li_adsId=967a6f18-2681-42e4-9eb3-38e1389ab76a&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1708375745053&li_adsId=967a6f18-2681-42e4-9eb3-38e1389ab76a&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&cookiesTest=true&liSync=true&e_ipv6=AQKo2rJc3P3mFQAAAY3DISTq3yPAlenCYOECTl-5spjk-x6R4Uh3u9dijkIHWoeymP2uAJ0upJ222A

101 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request reports Show response
www.mandiant.com/resources/
Redirect Chain

https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/wp-windows-management-instrumentation.pdf
https://www.mandiant.com/resources/windows-management-instrumentation-wmi-offense-defense-and-forensics
https://www.mandiant.com/node/7221
https://www.mandiant.com/resources/reports

91 KB
19 KB

528ms
528ms

Document
text/html

2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d79af40b66c8fe0e686decab8fd4ff8b221e64cf0fa3b860cb4779cfe339857f

Security Headers

Name	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=2764800, stale-if-error=3600, stale-while-revalidate=3600
cf-cache-status: EXPIRED
cf-ray: 85815fcc4a768fca-FRA
content-encoding: gzip
content-language: en
content-security-policy: report-uri /report-csp-violation
content-type: text/html; charset=UTF-8
date: Mon, 19 Feb 2024 20:49:03 GMT
expect-ct: max-age=86400
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Mon, 19 Feb 2024 13:32:15 GMT
referrer-policy: strict-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
surrogate-control: max-age=86400
vary: Cookie,Accept-Encoding
via: varnish
x-ah-environment: prod
x-cache: HIT
x-cache-hits: 196
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: v-4b8ac844-cf2b-11ee-b079-f7fe599a0395
x-xss-protection: 1; mode=block

Redirect headers

age: 351
cache-control: max-age=900, public
cf-cache-status: DYNAMIC
cf-ray: 85815fc9983e8fca-FRA
content-language: en
content-security-policy: report-uri /report-csp-violation
content-type: text/html; charset=UTF-8
date: Mon, 19 Feb 2024 20:49:03 GMT
expect-ct: max-age=86400
location: https://www.mandiant.com/resources/reports
referrer-policy: strict-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: varnish
x-ah-environment: prod
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-redirect-id: 13516
x-request-id: v-7f4f7468-cf67-11ee-b177-3bb9e7cfaa95
x-xss-protection: 1; mode=block

GET
H2 200 css_vIihIVExu7BQypRJliaDGWonZuwMh6nlyvLkRm19GSY.css
www.mandiant.com/sites/default/files/css/ 28 KB
7 KB 760ms
759ms Stylesheet
text/css 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_vIihIVExu7BQypRJliaDGWonZuwMh6nlyvLkRm19GSY.css?delta=0&language=en&theme=mandiant_theme&include=eJxtUFF2wyAMuxANR-IZcFIawHm204ydfjRLum7dj58sGcl4JC6aFrHjAQzEqAS12RMMI1NVE1ZRKq5gTGBfGxdEjDRRLNaDoClQO13V6RUL2ql264toyyj_a7c3_o6sKUC-KHgxYe45SuwgBOKYqNon-t4Oa_yxYAywaLiCfSKX-szEoP3FS9aGMIstwDMquccJ3sSFaWIUcR7YZGi0qotJAvUVm6WKgfLJ-zXliGx1o846wbDn3RNuYvc6FIprRuMzfDbrEw1wg49fEztx6I964EwQD7hQbmPK-WhDBpGcRE-ZqSQ5MxjGA23oF9MHw2z3OuyWf_87pfcDbYlxZCj4BYg322E

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f03b3912aa0e04bb5e2efcd1650700d99397a7ed9cc8a82db8cb296cea35b3d

Security Headers

Name	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:04 GMT
content-encoding: gzip
via: varnish
cf-cache-status: MISS
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: report-uri /report-csp-violation
x-cache: MISS
x-ah-environment: prod
x-xss-protection: 1; mode=block
x-request-id: v-5151e202-cf68-11ee-958f-db6cf0fc24f8
referrer-policy: strict-origin
last-modified: Mon, 19 Feb 2024 20:49:04 GMT
server: cloudflare
expect-ct: max-age=86400
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-language: en
content-type: text/css; charset=UTF-8
cache-control: public, max-age=300
cf-ray: 85815fcfad738fca-FRA
expires: Mon, 19 Feb 2024 20:54:04 GMT

GET
H2 200 css_jq-iq5aGgG5bPuD7RWhim9iKKMGOibzhdiyoajH1A4w.css
www.mandiant.com/sites/default/files/css/ 707 KB
83 KB 625ms
624ms Stylesheet
text/css 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_jq-iq5aGgG5bPuD7RWhim9iKKMGOibzhdiyoajH1A4w.css?delta=1&language=en&theme=mandiant_theme&include=eJxtUFF2wyAMuxANR-IZcFIawHm204ydfjRLum7dj58sGcl4JC6aFrHjAQzEqAS12RMMI1NVE1ZRKq5gTGBfGxdEjDRRLNaDoClQO13V6RUL2ql264toyyj_a7c3_o6sKUC-KHgxYe45SuwgBOKYqNon-t4Oa_yxYAywaLiCfSKX-szEoP3FS9aGMIstwDMquccJ3sSFaWIUcR7YZGi0qotJAvUVm6WKgfLJ-zXliGx1o846wbDn3RNuYvc6FIprRuMzfDbrEw1wg49fEztx6I964EwQD7hQbmPK-WhDBpGcRE-ZqSQ5MxjGA23oF9MHw2z3OuyWf_87pfcDbYlxZCj4BYg322E

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a7b82ca2e7779906e5ed103e6aea92ad41856bf2265ac009947b59b0d752f06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 1221
date: Mon, 19 Feb 2024 20:49:04 GMT
content-encoding: gzip
via: varnish
cf-cache-status: MISS
x-content-type-options: nosniff
x-cache: HIT
x-ah-environment: prod
content-length: 84381
x-request-id: v-a7764096-cca3-11ee-be31-132bf70134f1
last-modified: Fri, 16 Feb 2024 08:13:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fcfad768fca-FRA
expires: Mon, 04 Mar 2024 20:49:04 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/ 23 KB
5 KB 85ms
40ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2260967
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4364
last-modified: Sat, 06 Jan 2024 12:19:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65993750-110c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0dsMSSJHZ%2Fnb0r5QeRALGpgl49gr11wV1OONZkyfDpC37QhO%2FNCDRvVtHUReP7qvofB2VknvPUDLpTcZn19LWjGA%2FEx6pGuQnR9D0BwkI0ct2QMUxpOklCOegUvQK9VIx0gMFu09FovsyZmWMOOLNvJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85815fcfefe535e2-FRA
expires: Sat, 08 Feb 2025 20:49:04 GMT

GET
H2 200 css_7iLmsYAvPmwCBWO9WyGtsP_MU1cpK-_kGP7CKqMOxGg.css
www.mandiant.com/sites/default/files/css/ 3 KB
892 B 459ms
458ms Stylesheet
text/css 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_7iLmsYAvPmwCBWO9WyGtsP_MU1cpK-_kGP7CKqMOxGg.css?delta=3&language=en&theme=mandiant_theme&include=eJxtUFF2wyAMuxANR-IZcFIawHm204ydfjRLum7dj58sGcl4JC6aFrHjAQzEqAS12RMMI1NVE1ZRKq5gTGBfGxdEjDRRLNaDoClQO13V6RUL2ql264toyyj_a7c3_o6sKUC-KHgxYe45SuwgBOKYqNon-t4Oa_yxYAywaLiCfSKX-szEoP3FS9aGMIstwDMquccJ3sSFaWIUcR7YZGi0qotJAvUVm6WKgfLJ-zXliGx1o846wbDn3RNuYvc6FIprRuMzfDbrEw1wg49fEztx6I964EwQD7hQbmPK-WhDBpGcRE-ZqSQ5MxjGA23oF9MHw2z3OuyWf_87pfcDbYlxZCj4BYg322E

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

482ba6d0eda8709fc11debe244d706c4784003c6b1c38912454e7333ed7b96c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 123
date: Mon, 19 Feb 2024 20:49:04 GMT
content-encoding: gzip
via: varnish
cf-cache-status: MISS
x-content-type-options: nosniff
x-cache: HIT
x-ah-environment: prod
content-length: 756
x-request-id: v-8df18b84-cf29-11ee-8a55-272f0c1d41f8
last-modified: Mon, 19 Feb 2024 13:15:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fcfad778fca-FRA
expires: Mon, 04 Mar 2024 20:49:04 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
2 KB 80ms
30ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Google+Sans+Text:wght@400&family=Google+Sans:wght@500&display=swap

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9b7a66985bebc105b4b12f2f466fae88b9b16fe17ea5bc1d515753258a0be19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Feb 2024 20:49:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 20:49:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Feb 2024 20:49:03 GMT

GET
H2 200 cookienotificationbar.min.css
www.gstatic.com/glue/cookienotificationbar/ 9 KB
2 KB 98ms
52ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/glue/cookienotificationbar/cookienotificationbar.min.css

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

591ec898579fc34d46d85f9b22fa8fcfa88465454caa0d86d03e9e6dc0675f9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/gstatic
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1670
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:10:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"uxe-owners-acl/gstatic","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/gstatic"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/gstatic"
expires: Mon, 19 Feb 2024 20:49:04 GMT

GET
H2 200 icon-close-512.png
cdn4.iconfinder.com/data/icons/ionicons/512/ 4 KB
5 KB 131ms
39ms Image
image/webp 2606:4700:3108::ac42:2ad3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.iconfinder.com/data/icons/ionicons/512/icon-close-512.png

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2ad3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7762b4265e6050c33745fd1fae5110f9f265564f0a85d9ac01efaa65029db59c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:04 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 1123065
cf-polished: origFmt=png, origSize=8351
content-disposition: inline; filename="icon-close-512.webp"
alt-svc: h3=":443"; ma=86400
content-length: 3858
x-request-id: b91cf936-23cc-4645-afd8-5be66ad3a7fb
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1706738852&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=TPWdAamE1l9dUqJDJtMOw2nKaTcDLVPhDZ3fFRATclE%3D
cf-bgj: imgq:100,h2pri
last-modified: Fri, 02 Feb 2024 21:59:39 GMT
server: cloudflare
vary: Accept
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706738852&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=TPWdAamE1l9dUqJDJtMOw2nKaTcDLVPhDZ3fFRATclE%3D"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 85815fd4fd919010-FRA
expires: Tue, 18 Feb 2025 20:49:04 GMT

GET
H2 200 mndt-career-hero.jpg
www.mandiant.com/sites/default/files/2021-11/ 146 KB
147 KB 434ms
433ms Image
image/jpeg 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/2021-11/mndt-career-hero.jpg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1e386082319d3ae7ea22aac3f75034ab3c591a9cd71bbf6f46203a5cc7810ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 212
date: Mon, 19 Feb 2024 20:49:04 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 149692
x-request-id: v-3533c8ca-ca5d-11ee-89c3-5fd006bdd388
last-modified: Tue, 30 Nov 2021 21:23:55 GMT
cf-bgj: h2pri
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fcfad788fca-FRA
expires: Mon, 04 Mar 2024 20:49:04 GMT

GET
H2 200 reports-thumb.jpg
www.mandiant.com/sites/default/files/2023-02/ 19 KB
19 KB 542ms
541ms Image
image/jpeg 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/2023-02/reports-thumb.jpg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e28c1e0adaa1aab263a9b2a309eacba93e8be98b638e136854456edb45930e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 837
date: Mon, 19 Feb 2024 20:49:04 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
x-ah-environment: prod
content-length: 19786
x-request-id: v-a7787c6c-cca3-11ee-b721-bf48b7e2ec69
last-modified: Fri, 24 Feb 2023 06:22:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fcfad7a8fca-FRA
expires: Mon, 04 Mar 2024 20:49:04 GMT

GET
H2 200 fin12-prioritizes-speed-to-deploy-ransomware-against-high-value-targets.png
www.mandiant.com/sites/default/files/2023-12/ 263 KB
263 KB 612ms
612ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/2023-12/fin12-prioritizes-speed-to-deploy-ransomware-against-high-value-targets.png

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51b8bcdd582b064711d0cab4f54818cc4a3d094b573e2a24d850424697cfe985

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 336
date: Mon, 19 Feb 2024 20:49:05 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
x-ah-environment: prod
content-length: 269122
x-request-id: v-a7d3637a-cca3-11ee-9d91-4390f38921dc
last-modified: Wed, 27 Dec 2023 11:43:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fd2a8178fca-FRA
expires: Mon, 04 Mar 2024 20:49:04 GMT

GET
H2 200 integrated-reasoning.png
www.mandiant.com/sites/default/files/2023-12/ 198 KB
198 KB 614ms
614ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/2023-12/integrated-reasoning.png

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

055ce499eb8d14ec607cb3be0d295b5877db2b983519efd27343ba9d9228d8e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 341
date: Mon, 19 Feb 2024 20:49:05 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
x-ah-environment: prod
content-length: 202274
x-request-id: v-a7d28ca2-cca3-11ee-9868-0ffaab9e783e
last-modified: Wed, 27 Dec 2023 11:45:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fd308bb8fca-FRA
expires: Mon, 04 Mar 2024 20:49:04 GMT

GET
H2 200 vciso-and-ciso-advisory-services_0.png
www.mandiant.com/sites/default/files/2023-11/ 655 KB
656 KB 599ms
597ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/2023-11/vciso-and-ciso-advisory-services_0.png

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7298bc20bc720a65d674e27e7da2e96ef62d342011ad53e7cd9e598948eab41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 323
date: Mon, 19 Feb 2024 20:49:05 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
x-ah-environment: prod
content-length: 670464
x-request-id: v-a84c15c2-cca3-11ee-b72c-779414870430
last-modified: Thu, 16 Nov 2023 10:14:31 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fd47a148fca-FRA
expires: Mon, 04 Mar 2024 20:49:05 GMT

GET
H2 200 virtual-ciso-vciso-and-ciso%20advisory-services.png
www.mandiant.com/sites/default/files/2023-12/ 229 KB
230 KB 631ms
629ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/2023-12/virtual-ciso-vciso-and-ciso%20advisory-services.png

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22d3fa5d9614247a92cd5b47a933975b97a831cfc3b257e24750a238d892cdac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 226
date: Mon, 19 Feb 2024 20:49:05 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
x-ah-environment: prod
content-length: 234815
x-request-id: v-a8456420-cca3-11ee-8636-ef4fcf2e0cd3
last-modified: Wed, 27 Dec 2023 11:48:04 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fd47a158fca-FRA
expires: Mon, 04 Mar 2024 20:49:05 GMT

GET
H2 200 the-defenders-advantage-cyber-snapshot.png
www.mandiant.com/sites/default/files/2023-09/ 679 KB
680 KB 615ms
613ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/2023-09/the-defenders-advantage-cyber-snapshot.png

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4162b48b412d9e8e81fa77ac468318f9422ca2f047c533f1ecd67f3c77ed798b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 342
date: Mon, 19 Feb 2024 20:49:05 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
x-ah-environment: prod
content-length: 695348
x-request-id: v-a847722e-cca3-11ee-8617-5b35d7704719
last-modified: Mon, 11 Sep 2023 10:12:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fd47a168fca-FRA
expires: Mon, 04 Mar 2024 20:49:05 GMT

GET
H2 200 external-threat-intelligence-service-providers-q3-2023.png
www.mandiant.com/sites/default/files/2023-09/ 295 KB
296 KB 624ms
622ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/2023-09/external-threat-intelligence-service-providers-q3-2023.png

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

680f54b8147b10434d0ee0142f7423aa40610d8dbd16a6af910e9e766d521d7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 237
date: Mon, 19 Feb 2024 20:49:05 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
x-ah-environment: prod
content-length: 302473
x-request-id: v-a84992ca-cca3-11ee-9540-b3c5218df034
last-modified: Mon, 11 Sep 2023 09:51:13 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fd47a178fca-FRA
expires: Mon, 04 Mar 2024 20:49:05 GMT

GET
H2 200 moveit-transfer-containment-and-hardening-guide.jpg
www.mandiant.com/sites/default/files/2023-07/ 253 KB
253 KB 612ms
611ms Image
image/jpeg 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/2023-07/moveit-transfer-containment-and-hardening-guide.jpg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78d980b5fc9a4df98e35e0ad8d2921c7842e8474b952a877c52e6b0bbc658c8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 251
date: Mon, 19 Feb 2024 20:49:05 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
x-ah-environment: prod
content-length: 258633
x-request-id: v-a84a82d4-cca3-11ee-9cce-9b34ed9d71ba
last-modified: Mon, 17 Jul 2023 05:29:30 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fd47a198fca-FRA
expires: Mon, 04 Mar 2024 20:49:05 GMT

GET
H2 200 m-trends-23-cover-.png
www.mandiant.com/sites/default/files/2023-05/ 3 MB
3 MB 464ms
462ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/2023-05/m-trends-23-cover-.png

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

938e5c418306b17d50ef496907b533da7267da18faaf0e0486efb7108f7b5611

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 2722
date: Mon, 19 Feb 2024 20:49:05 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 3060137
x-request-id: v-001243cc-cca3-11ee-bafd-2767729d4bfc
last-modified: Wed, 31 May 2023 07:42:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fd49a318fca-FRA
expires: Mon, 04 Mar 2024 20:49:05 GMT

GET
H2 200 js_Vpe9ih1ghDhp52pV4aPJE6S74lqWabMtDXMUV-j4uRk.js Show response
www.mandiant.com/sites/default/files/js/ 182 KB
59 KB 1707ms
1704ms Script
text/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/js/js_Vpe9ih1ghDhp52pV4aPJE6S74lqWabMtDXMUV-j4uRk.js?scope=footer&delta=0&language=en&theme=mandiant_theme&include=eJxtUFF2wyAMuxANR-IZcFIawHm204ydfjRLum7dj58sGcl4JC6aFrHjAQzEqAS12RMMI1NVE1ZRKq5gTGBfGxdEjDRRLNaDoClQO13V6RUL2ql264toyyj_a7c3_o6sKUC-KHgxYe45SuwgBOKYqNon-t4Oa_yxYAywaLiCfSKX-szEoP3FS9aGMIstwDMquccJ3sSFaWIUcR7YZGi0qotJAvUVm6WKgfLJ-zXliGx1o846wbDn3RNuYvc6FIprRuMzfDbrEw1wg49fEztx6I964EwQD7hQbmPK-WhDBpGcRE-ZqSQ5MxjGA23oF9MHw2z3OuyWf_87pfcDbYlxZCj4BYg322E

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ece53c2457c2c8e8ebb353c21de5df6599bf90b39693a2fb23d56b7265bd1b7

Security Headers

Name	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: varnish
cf-cache-status: MISS
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri /report-csp-violation
x-cache: MISS
x-ah-environment: prod
x-xss-protection: 1; mode=block
x-request-id: v-51c79b32-cf68-11ee-9025-6f7de944b7aa
referrer-policy: strict-origin
last-modified: Mon, 19 Feb 2024 20:49:06 GMT
server: cloudflare
expect-ct: max-age=86400
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-language: en
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=300
cf-ray: 85815fd46a0f8fca-FRA
expires: Mon, 19 Feb 2024 20:54:06 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 120ms
30ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

02c93e8f5831b03b0991aada54e7d79104260ba5824f2aabec85f6a6975554f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 19 Feb 2024 20:49:04 GMT

GET
H2 200 js_jiS1254JxTfzgW6zYoirCIwY9kFyhWEcqxG-EuRyh58.js Show response
www.mandiant.com/sites/default/files/js/ 8 KB
4 KB 631ms
628ms Script
text/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/js/js_jiS1254JxTfzgW6zYoirCIwY9kFyhWEcqxG-EuRyh58.js?scope=footer&delta=2&language=en&theme=mandiant_theme&include=eJxtUFF2wyAMuxANR-IZcFIawHm204ydfjRLum7dj58sGcl4JC6aFrHjAQzEqAS12RMMI1NVE1ZRKq5gTGBfGxdEjDRRLNaDoClQO13V6RUL2ql264toyyj_a7c3_o6sKUC-KHgxYe45SuwgBOKYqNon-t4Oa_yxYAywaLiCfSKX-szEoP3FS9aGMIstwDMquccJ3sSFaWIUcR7YZGi0qotJAvUVm6WKgfLJ-zXliGx1o846wbDn3RNuYvc6FIprRuMzfDbrEw1wg49fEztx6I964EwQD7hQbmPK-WhDBpGcRE-ZqSQ5MxjGA23oF9MHw2z3OuyWf_87pfcDbYlxZCj4BYg322E

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c23b188b7b48b3f97da09ead6850de26ffd22e1396ba78a34a2306dee27d3d74

Security Headers

Name	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: varnish
cf-cache-status: MISS
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri /report-csp-violation
x-cache: MISS
x-ah-environment: prod
x-xss-protection: 1; mode=block
x-request-id: v-51c7be50-cf68-11ee-ad30-3ba2290007ec
referrer-policy: strict-origin
last-modified: Mon, 19 Feb 2024 20:49:05 GMT
server: cloudflare
expect-ct: max-age=86400
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-language: en
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=300
cf-ray: 85815fd46a108fca-FRA
expires: Mon, 19 Feb 2024 20:54:05 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 130ms
39ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27841
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"257f9651f9cfd949f6dde30f51352116"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oaB%2BHc6z9bDAZjumfAO%2BAEj770VzjNoBHdPbXZEHXAfYGd9fQVLNoU2oFvTqoQSYIziq3x9Owqn6B6p55CrAWExrtJay3D2ZH%2BVTjBDwYXyGCH1CXEX2UfieVWJnWmZCi2fvB7I%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-ray: 85815fd4fe243a80-FRA

GET
H2 200 js_FOqHALx4SLcdBWNMDhINRRDFjGfFYjuAID4BOiZmCO8.js Show response
www.mandiant.com/sites/default/files/js/ 416 KB
124 KB 603ms
600ms Script
text/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/js/js_FOqHALx4SLcdBWNMDhINRRDFjGfFYjuAID4BOiZmCO8.js?scope=footer&delta=4&language=en&theme=mandiant_theme&include=eJxtUFF2wyAMuxANR-IZcFIawHm204ydfjRLum7dj58sGcl4JC6aFrHjAQzEqAS12RMMI1NVE1ZRKq5gTGBfGxdEjDRRLNaDoClQO13V6RUL2ql264toyyj_a7c3_o6sKUC-KHgxYe45SuwgBOKYqNon-t4Oa_yxYAywaLiCfSKX-szEoP3FS9aGMIstwDMquccJ3sSFaWIUcR7YZGi0qotJAvUVm6WKgfLJ-zXliGx1o846wbDn3RNuYvc6FIprRuMzfDbrEw1wg49fEztx6I964EwQD7hQbmPK-WhDBpGcRE-ZqSQ5MxjGA23oF9MHw2z3OuyWf_87pfcDbYlxZCj4BYg322E

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fa7ca84dc3a040c7199206d3554b4b57d6cbb5c49ef435f674103587640d26a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 124
date: Mon, 19 Feb 2024 20:49:05 GMT
content-encoding: gzip
via: varnish
cf-cache-status: MISS
x-content-type-options: nosniff
x-cache: HIT
x-ah-environment: prod
content-length: 126527
x-request-id: v-8e533c94-cf29-11ee-bf2d-03e158ef7a01
last-modified: Mon, 19 Feb 2024 13:19:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fd46a118fca-FRA
expires: Mon, 04 Mar 2024 20:49:05 GMT

GET
H2 200 accordion.frontend.min.js Show response
www.mandiant.com/modules/contrib/ckeditor_accordion/js/ 4 KB
2 KB 167ms
164ms Script
application/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/modules/contrib/ckeditor_accordion/js/accordion.frontend.min.js?s93u56

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9474894bf64b11c40884f83b0ba6888635bf90bfaae11db1944d99771f1c820

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 16478
date: Mon, 19 Feb 2024 20:49:04 GMT
content-encoding: gzip
via: varnish
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
age: 27211
x-cache: HIT
x-ah-environment: prod
content-length: 1535
x-request-id: v-f61ddc18-cf28-11ee-88b2-03bedf3a9f87
last-modified: Wed, 24 Jan 2024 07:40:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 85815fd46a128fca-FRA
expires: Mon, 04 Mar 2024 13:15:32 GMT

GET
H2 200 js_4PAFPa_Dwdbpumhh3Ioo0b6yM_NSmFPkdGEv86pxVsA.js Show response
www.mandiant.com/sites/default/files/js/ 73 KB
23 KB 1272ms
1270ms Script
text/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/js/js_4PAFPa_Dwdbpumhh3Ioo0b6yM_NSmFPkdGEv86pxVsA.js?scope=footer&delta=6&language=en&theme=mandiant_theme&include=eJxtUFF2wyAMuxANR-IZcFIawHm204ydfjRLum7dj58sGcl4JC6aFrHjAQzEqAS12RMMI1NVE1ZRKq5gTGBfGxdEjDRRLNaDoClQO13V6RUL2ql264toyyj_a7c3_o6sKUC-KHgxYe45SuwgBOKYqNon-t4Oa_yxYAywaLiCfSKX-szEoP3FS9aGMIstwDMquccJ3sSFaWIUcR7YZGi0qotJAvUVm6WKgfLJ-zXliGx1o846wbDn3RNuYvc6FIprRuMzfDbrEw1wg49fEztx6I964EwQD7hQbmPK-WhDBpGcRE-ZqSQ5MxjGA23oF9MHw2z3OuyWf_87pfcDbYlxZCj4BYg322E

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b46c196b7dea30331b967a2c4c803215d7cfb09e2500c8232958f3da6e3cc47e

Security Headers

Name	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: varnish
cf-cache-status: MISS
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri /report-csp-violation
x-cache: MISS
x-ah-environment: prod
x-xss-protection: 1; mode=block
x-request-id: v-51c75b4a-cf68-11ee-b8bd-57874826ad24
referrer-policy: strict-origin
last-modified: Mon, 19 Feb 2024 20:49:05 GMT
server: cloudflare
expect-ct: max-age=86400
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-language: en
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=300
cf-ray: 85815fd46a138fca-FRA
expires: Mon, 19 Feb 2024 20:54:05 GMT

GET
H2 200 cookienotificationbar.min.js Show response
www.gstatic.com/glue/cookienotificationbar/ 18 KB
7 KB 67ms
64ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/glue/cookienotificationbar/cookienotificationbar.min.js

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74397437d41d0ef91b6ac1cbd4edb0c5fb809cd9299cccf6adde7b5b8937e79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/gstatic
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6872
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:10:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"uxe-owners-acl/gstatic","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/gstatic"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/gstatic"
expires: Mon, 19 Feb 2024 20:49:04 GMT

GET
H2 200 fontloader.built.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 7 KB
2 KB 452ms
451ms Script
application/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/fontloader.built.js

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b617a1a9d405a304eae1f3337639a1be619633a047ccac0a61d70cf2d2032e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 41
date: Mon, 19 Feb 2024 20:49:05 GMT
content-encoding: gzip
via: varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
x-cache: HIT
x-ah-environment: prod
content-length: 2334
x-request-id: v-1f4cd056-ca5d-11ee-b429-3f624e1d0663
last-modified: Wed, 26 Oct 2022 20:37:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fd49a328fca-FRA
expires: Mon, 04 Mar 2024 20:49:05 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 411 KB
116 KB 159ms
69ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fca4bef88b349ec96b70d95d331eecf24527e1bd2e49f95b2511d046f0ce984c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118202
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Feb 2024 20:49:04 GMT

GET
H2 200 resources-arrow.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 306 B
344 B 440ms
440ms Image
image/svg+xml 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/resources-arrow.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_jq-iq5aGgG5bPuD7RWhim9iKKMGOibzhdiyoajH1A4w.css?delta=1&language=en&theme=mandiant_theme&include=eJxtUFF2wyAMuxANR-IZcFIawHm204ydfjRLum7dj58sGcl4JC6aFrHjAQzEqAS12RMMI1NVE1ZRKq5gTGBfGxdEjDRRLNaDoClQO13V6RUL2ql264toyyj_a7c3_o6sKUC-KHgxYe45SuwgBOKYqNon-t4Oa_yxYAywaLiCfSKX-szEoP3FS9aGMIstwDMquccJ3sSFaWIUcR7YZGi0qotJAvUVm6WKgfLJ-zXliGx1o846wbDn3RNuYvc6FIprRuMzfDbrEw1wg49fEztx6I964EwQD7hQbmPK-WhDBpGcRE-ZqSQ5MxjGA23oF9MHw2z3OuyWf_87pfcDbYlxZCj4BYg322E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05bdf7f7be82cf4a0090ff4afe9f751c18218d175f86b8cb169e01b0add1e22b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_jq-iq5aGgG5bPuD7RWhim9iKKMGOibzhdiyoajH1A4w.css?delta=1&language=en&theme=mandiant_theme&include=eJxtUFF2wyAMuxANR-IZcFIawHm204ydfjRLum7dj58sGcl4JC6aFrHjAQzEqAS12RMMI1NVE1ZRKq5gTGBfGxdEjDRRLNaDoClQO13V6RUL2ql264toyyj_a7c3_o6sKUC-KHgxYe45SuwgBOKYqNon-t4Oa_yxYAywaLiCfSKX-szEoP3FS9aGMIstwDMquccJ3sSFaWIUcR7YZGi0qotJAvUVm6WKgfLJ-zXliGx1o846wbDn3RNuYvc6FIprRuMzfDbrEw1wg49fEztx6I964EwQD7hQbmPK-WhDBpGcRE-ZqSQ5MxjGA23oF9MHw2z3OuyWf_87pfcDbYlxZCj4BYg322E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 48
date: Mon, 19 Feb 2024 20:49:05 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-cache: HIT
x-ah-environment: prod
x-request-id: v-56d13ec8-cc91-11ee-b5af-475a98d65bde
last-modified: Wed, 26 Oct 2022 20:16:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 85815fd49a338fca-FRA
expires: Mon, 04 Mar 2024 20:49:05 GMT

GET
H2 200 white-cta-arrow.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 750 B
531 B 422ms
421ms Image
image/svg+xml 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/white-cta-arrow.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff46ab88d5fe2880ee24e0a56c4f423096ea4eb7b80e0fc8032319e26b5a002b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_jq-iq5aGgG5bPuD7RWhim9iKKMGOibzhdiyoajH1A4w.css?delta=1&language=en&theme=mandiant_theme&include=eJxtUFF2wyAMuxANR-IZcFIawHm204ydfjRLum7dj58sGcl4JC6aFrHjAQzEqAS12RMMI1NVE1ZRKq5gTGBfGxdEjDRRLNaDoClQO13V6RUL2ql264toyyj_a7c3_o6sKUC-KHgxYe45SuwgBOKYqNon-t4Oa_yxYAywaLiCfSKX-szEoP3FS9aGMIstwDMquccJ3sSFaWIUcR7YZGi0qotJAvUVm6WKgfLJ-zXliGx1o846wbDn3RNuYvc6FIprRuMzfDbrEw1wg49fEztx6I964EwQD7hQbmPK-WhDBpGcRE-ZqSQ5MxjGA23oF9MHw2z3OuyWf_87pfcDbYlxZCj4BYg322E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 34
date: Mon, 19 Feb 2024 20:49:05 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-cache: HIT
x-ah-environment: prod
x-request-id: v-1ce0c822-ca5d-11ee-bdf5-0bb206d3c2a8
last-modified: Wed, 26 Oct 2022 20:37:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 85815fd49a348fca-FRA
expires: Mon, 04 Mar 2024 20:49:05 GMT

GET
H2 200 footer-bg-transparent.png
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 134 KB
134 KB 432ms
432ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/footer-bg-transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f2e61cd1a10aebb0eae1a2f6914784a4d9be90a46b1c67700311d0f66d3e379

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_jq-iq5aGgG5bPuD7RWhim9iKKMGOibzhdiyoajH1A4w.css?delta=1&language=en&theme=mandiant_theme&include=eJxtUFF2wyAMuxANR-IZcFIawHm204ydfjRLum7dj58sGcl4JC6aFrHjAQzEqAS12RMMI1NVE1ZRKq5gTGBfGxdEjDRRLNaDoClQO13V6RUL2ql264toyyj_a7c3_o6sKUC-KHgxYe45SuwgBOKYqNon-t4Oa_yxYAywaLiCfSKX-szEoP3FS9aGMIstwDMquccJ3sSFaWIUcR7YZGi0qotJAvUVm6WKgfLJ-zXliGx1o846wbDn3RNuYvc6FIprRuMzfDbrEw1wg49fEztx6I964EwQD7hQbmPK-WhDBpGcRE-ZqSQ5MxjGA23oF9MHw2z3OuyWf_87pfcDbYlxZCj4BYg322E
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 37
date: Mon, 19 Feb 2024 20:49:05 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 136986
x-request-id: v-1977a552-ca5d-11ee-9103-6749faa11ca8
last-modified: Wed, 26 Oct 2022 19:55:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fd49a358fca-FRA
expires: Mon, 04 Mar 2024 20:49:05 GMT

GET
H2 200 MaterialIcons-Outlined.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/material-icons/ 148 KB
148 KB 446ms
446ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/material-icons/MaterialIcons-Outlined.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b9c3158d7700a96a2fc4de59adc0c4724338c900d14b9447653c52d50df1621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_jq-iq5aGgG5bPuD7RWhim9iKKMGOibzhdiyoajH1A4w.css?delta=1&language=en&theme=mandiant_theme&include=eJxtUFF2wyAMuxANR-IZcFIawHm204ydfjRLum7dj58sGcl4JC6aFrHjAQzEqAS12RMMI1NVE1ZRKq5gTGBfGxdEjDRRLNaDoClQO13V6RUL2ql264toyyj_a7c3_o6sKUC-KHgxYe45SuwgBOKYqNon-t4Oa_yxYAywaLiCfSKX-szEoP3FS9aGMIstwDMquccJ3sSFaWIUcR7YZGi0qotJAvUVm6WKgfLJ-zXliGx1o846wbDn3RNuYvc6FIprRuMzfDbrEw1wg49fEztx6I964EwQD7hQbmPK-WhDBpGcRE-ZqSQ5MxjGA23oF9MHw2z3OuyWf_87pfcDbYlxZCj4BYg322E
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 40
date: Mon, 19 Feb 2024 20:49:05 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 151244
x-request-id: v-1f421dfa-ca5d-11ee-a7b5-8b154cf6c433
last-modified: Wed, 26 Oct 2022 20:16:57 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fd49a368fca-FRA
expires: Mon, 04 Mar 2024 20:49:05 GMT

GET
H2 200 Barlow-Regular.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 55 KB
55 KB 466ms
465ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Regular.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f269cafacd48c650b7c76973b7192a4593125d9b957bfa3b57a89e835ec0df1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_jq-iq5aGgG5bPuD7RWhim9iKKMGOibzhdiyoajH1A4w.css?delta=1&language=en&theme=mandiant_theme&include=eJxtUFF2wyAMuxANR-IZcFIawHm204ydfjRLum7dj58sGcl4JC6aFrHjAQzEqAS12RMMI1NVE1ZRKq5gTGBfGxdEjDRRLNaDoClQO13V6RUL2ql264toyyj_a7c3_o6sKUC-KHgxYe45SuwgBOKYqNon-t4Oa_yxYAywaLiCfSKX-szEoP3FS9aGMIstwDMquccJ3sSFaWIUcR7YZGi0qotJAvUVm6WKgfLJ-zXliGx1o846wbDn3RNuYvc6FIprRuMzfDbrEw1wg49fEztx6I964EwQD7hQbmPK-WhDBpGcRE-ZqSQ5MxjGA23oF9MHw2z3OuyWf_87pfcDbYlxZCj4BYg322E
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 73
date: Mon, 19 Feb 2024 20:49:05 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 56020
x-request-id: v-4877b51e-cc91-11ee-b48e-9b90824dc61e
last-modified: Wed, 26 Oct 2022 20:37:18 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fd49a378fca-FRA
expires: Mon, 04 Mar 2024 20:49:05 GMT

GET
H2 200 Barlow-SemiBold.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 56 KB
57 KB 462ms
462ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-SemiBold.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bb508d41bf1d0c5d56340c7df789b6589350a5f967e1fa937bee5c148d0cb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_jq-iq5aGgG5bPuD7RWhim9iKKMGOibzhdiyoajH1A4w.css?delta=1&language=en&theme=mandiant_theme&include=eJxtUFF2wyAMuxANR-IZcFIawHm204ydfjRLum7dj58sGcl4JC6aFrHjAQzEqAS12RMMI1NVE1ZRKq5gTGBfGxdEjDRRLNaDoClQO13V6RUL2ql264toyyj_a7c3_o6sKUC-KHgxYe45SuwgBOKYqNon-t4Oa_yxYAywaLiCfSKX-szEoP3FS9aGMIstwDMquccJ3sSFaWIUcR7YZGi0qotJAvUVm6WKgfLJ-zXliGx1o846wbDn3RNuYvc6FIprRuMzfDbrEw1wg49fEztx6I964EwQD7hQbmPK-WhDBpGcRE-ZqSQ5MxjGA23oF9MHw2z3OuyWf_87pfcDbYlxZCj4BYg322E
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 33
date: Mon, 19 Feb 2024 20:49:05 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 57764
x-request-id: v-19a337c6-ca5d-11ee-877c-874bb170df67
last-modified: Wed, 26 Oct 2022 20:37:18 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fd49a388fca-FRA
expires: Mon, 04 Mar 2024 20:49:05 GMT

GET
H2 200 Barlow-Bold.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 56 KB
56 KB 428ms
428ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Bold.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ec192b1be13b5eb7d11e7c8a0f1466ef236e4ba88182bb4cec76a2c7919464e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_jq-iq5aGgG5bPuD7RWhim9iKKMGOibzhdiyoajH1A4w.css?delta=1&language=en&theme=mandiant_theme&include=eJxtUFF2wyAMuxANR-IZcFIawHm204ydfjRLum7dj58sGcl4JC6aFrHjAQzEqAS12RMMI1NVE1ZRKq5gTGBfGxdEjDRRLNaDoClQO13V6RUL2ql264toyyj_a7c3_o6sKUC-KHgxYe45SuwgBOKYqNon-t4Oa_yxYAywaLiCfSKX-szEoP3FS9aGMIstwDMquccJ3sSFaWIUcR7YZGi0qotJAvUVm6WKgfLJ-zXliGx1o846wbDn3RNuYvc6FIprRuMzfDbrEw1wg49fEztx6I964EwQD7hQbmPK-WhDBpGcRE-ZqSQ5MxjGA23oF9MHw2z3OuyWf_87pfcDbYlxZCj4BYg322E
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 71
date: Mon, 19 Feb 2024 20:49:05 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 57572
x-request-id: v-492ec7ae-cc91-11ee-b16d-cfd34ecea6bf
last-modified: Wed, 26 Oct 2022 20:37:18 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fd49a398fca-FRA
expires: Mon, 04 Mar 2024 20:49:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
92 KB 43ms
41ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6cf14fcc8a5e96d414fed48c435226fcd4dc7ed8bd82182ef1212a27565a0582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94521
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 19 Feb 2024 20:49:04 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 122ms
33ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:05 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220099-FRA

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
813 B 79ms
21ms Script
application/javascript 2a02:26f0:780::210:a420
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a420 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

15e583294d87189f0d79cf1c90cfb6892968a0cfa844658d415c46377186aa79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Feb 2024 17:00:18 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=72641
accept-ranges: bytes
content-length: 603

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 60ms
21ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 19 Feb 2024 20:49:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: fJXU3U8gp1TP3YWjMg/C76prdKDHqxewwGbTQv1l5y/E3DfShXab/RkbMwJb/o7k5r6XcbXeo6UYnSUzi2OUWw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 116ms
46ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 19 Feb 2024 20:49:04 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4EF8A49286D5487699ECD70AE5793EC7 Ref B: FRA31EDGE0622 Ref C: 2024-02-19T20:49:05Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Feb 2024 19:30:40 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4705
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 19 Feb 2024 21:30:40 GMT

GET
H2 200 hotjar-3008912.js Show response
static.hotjar.com/c/ 9 KB
4 KB 74ms
25ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3008912.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

c827698beeeb00e08bb5559146c13e317c5552852c3d275e34e3e79e62beccb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 19 Feb 2024 20:49:05 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 17
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/64e9ae471f688ceafeeb48551401f451
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: bGyd2Xrx2mnuPMlHh5_m22HYO6SqRBRYJDpEOIUVB4Fd4GAYHAAQWg==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 108ms
34ms Script
application/x-javascript 23.197.137.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.137.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-137-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 20:49:05 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 sl.js Show response
scout-cdn.salesloft.com/ 6 KB
3 KB 150ms
31ms Script
application/javascript 2606:4700::6811:4341
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scout-cdn.salesloft.com/sl.js

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4341 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:05 GMT
x-amz-version-id: 6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 6AYM5TBGP85NWW11
age: 3768
alt-svc: h3=":443"; ma=86400
x-amz-id-2: iZXzGJO9VKymfdzReJmr7uE1uhKUFMKsUsy30jwDEB8uHKDqgWj3ipTG0+hcOjJ7Zu1MV8OmYQjRXYRVud4p80wZyJlSS/jYgm2Q/S0HUNA=
last-modified: Mon, 13 Dec 2021 16:28:37 GMT
server: cloudflare
etag: W/"d74cc4825c8e333b2116da3fcc649db1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 85815fd6aa9568eb-FRA
expires: Tue, 20 Feb 2024 00:49:05 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 79ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-X6642ZTDJ7&gtm=45je42e0v883779794z8849727317za200&_p=1708375744698&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=689632588.1708375745&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1708375745&sct=1&seg=0&dl=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&dt=Threat%20Intelligence%20Reports%20%7C%20Cyber%20Security%20Threats%20%26%20Attacks&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2658
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 20:49:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandiant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 84ms
28ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-X6642ZTDJ7&cid=689632588.1708375745&gtm=45je42e0v883779794z8849727317za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 20:49:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandiant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 110ms
60ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-X6642ZTDJ7&cid=689632588.1708375745&gtm=45je42e0v883779794z8849727317za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=525395640

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 20:49:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 45 KB
16 KB 21ms
21ms Script
application/javascript 2a02:26f0:780::210:a420
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a420 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

07ba2e6da87e1d608f20565213506262f98d51242b8718608882e189c8c2e70f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Feb 2024 17:00:19 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=72695
accept-ranges: bytes
content-length: 16480

GET
H2 200 modules.a02b08e96dea6b9516bd.js Show response
script.hotjar.com/ 228 KB
55 KB 102ms
33ms Script
application/javascript 18.164.52.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.a02b08e96dea6b9516bd.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3008912.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-121.cdg50.r.cloudfront.net

Software

Resource Hash

31f4db27d40c17ddd30179d71bfc7cd0ab6ce459c46e2a935609acf3cba1e295

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 11:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 e62fdd28aecc715b248568cb8338e8a2.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
age: 35279
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56163
last-modified: Mon, 19 Feb 2024 11:00:25 GMT
etag: "26c6b143280117fc6f6e3350a91924ce"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ZIMbWoWjKGOJE2XP81NQIv74ekFkhhkuRPxsS1nllhPvIrRQPOyUJA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 29ms
28ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=340944114&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&ul=en-us&de=UTF-8&dt=Threat%20Intelligence%20Reports%20%7C%20Cyber%20Security%20Threats%20%26%20Attacks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAEK~&jid=1590355261&gjid=610776595&cid=689632588.1708375745&tid=UA-203244293-1&_gid=170244240.1708375745&_slc=1&gtm=45He42e0n81T72STLDv849727317za200&cg1=null&cg2=resources&cd2=Pageview&cd3=1708375744940.teegs9b&cd4=2024-02-19T21%3A49%3A04.940%2B01%3A00&cd5=&cd15=null&cd16=null&cd24=unknown&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&cd1=689632588.1708375745&z=1170090773

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 20:49:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandiant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
347 B 70ms
27ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-203244293-1&cid=689632588.1708375745&jid=1590355261&gjid=610776595&_gid=170244240.1708375745&_u=YCDAgEABAAAAAGAEK~&z=1546246220

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 19 Feb 2024 20:49:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandiant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 880805232811859 Show response
connect.facebook.net/signals/config/ 53 KB
11 KB 21ms
21ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/880805232811859?v=2.9.147&r=stable&domain=www.mandiant.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bc3822b1b5b7439e7df19dbe92b28ad4d9901014ef8dcf5c314f2437dfa43c81

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 19 Feb 2024 20:49:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11095
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: 2KLoIpC4fUuRg7VtLLACXsIRCTLLJ+yX9EwThWc+ZgzjEoDiRVQ2rLs+ouet7M+ov1MXPZA8oUodNaXTOPbSVw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1708375745053&li_adsId=967a6f18-2681-42e4-9eb3-38e1389ab76a&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1708375745053&li_adsId=967a6f18-2681-42e4-9eb3-38e1389ab76a&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3460746%26time%3D1708375745053%26li_adsId%3D967a6f18-2681-42e4-9eb3-38e1389ab76a%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1708375745053&li_adsId=967a6f18-2681-42e4-9eb3-38e1389ab76a&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&cookiesTest=true...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1708375745053&li_adsId=967a6f18-2681-42e4-9eb3-38e1389ab76a&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&cookiesTest=tru...

0
267 B

252ms
165ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1708375745053&li_adsId=967a6f18-2681-42e4-9eb3-38e1389ab76a&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&cookiesTest=true&liSync=true&e_ipv6=AQKo2rJc3P3mFQAAAY3DISTq3yPAlenCYOECTl-5spjk-x6R4Uh3u9dijkIHWoeymP2uAJ0upJ222A
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:05 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 04F66D82152F4A6D8DDD745DD736E299 Ref B: DUS30EDGE0820 Ref C: 2024-02-19T20:49:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYRwjl7b7S47d/ZV81uqw==

Redirect headers

date: Mon, 19 Feb 2024 20:49:05 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: EA86AAC9CAE540CE8BA691FEC62E71AC Ref B: FRAEDGE1911 Ref C: 2024-02-19T20:49:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1708375745053&li_adsId=967a6f18-2681-42e4-9eb3-38e1389ab76a&url=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&cookiesTest=true&liSync=true&e_ipv6=AQKo2rJc3P3mFQAAAY3DISTq3yPAlenCYOECTl-5spjk-x6R4Uh3u9dijkIHWoeymP2uAJ0upJ222A
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYRwjl4GMkvRInHzBdqcQ==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 33ms
33ms Script
application/x-javascript 23.197.137.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.137.224 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-137-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 20:49:05 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Wed, 29 May 2024 20:49:05 GMT

GET
H2 204 5870833.js Show response
bat.bing.com/p/action/ 0
117 B 44ms
44ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5870833.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 19 Feb 2024 20:49:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DEB036C4860744AC92149DEB1C3E6441 Ref B: FRA31EDGE0622 Ref C: 2024-02-19T20:49:05Z
x-cache: CONFIG_NOCACHE

GET
H2 200 adsct
t.co/i/ 43 B
376 B 184ms
125ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=d0daa590-b030-4abc-ba12-b947d7e1023f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=36e88316-ee06-46bd-b622-25763efc31b2&tw_document_href=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5b0k&type=javascript&version=2.3.29

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-response-time: 104
date: Mon, 19 Feb 2024 20:49:05 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 2f13c4f211a3a11e
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 8a34e0baf4db58c8974fff3c566e371fc0911415e558e533c16ffbc0c4ffc734
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
396 B 180ms
124ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=d0daa590-b030-4abc-ba12-b947d7e1023f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=36e88316-ee06-46bd-b622-25763efc31b2&tw_document_href=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5b0k&type=javascript&version=2.3.29

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-response-time: 104
date: Mon, 19 Feb 2024 20:49:04 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 9dea2e1975b5631d
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 3b20449bdd3a9409f836657c9f060fc8ad2d99eb696bd73a9852828756752974
content-length: 43

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 63ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=880805232811859&ev=PageView&dl=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&rl=&if=false&ts=1708375745080&sw=1600&sh=1200&v=2.9.147&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4125&fbp=fb.1.1708375745080.1469699626&ler=empty&cdl=API_unavailable&it=1708375745050&coo=false&tm=1&exp=e1&rqm=GET

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 19 Feb 2024 20:49:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H/1.1 200
OK visitWebPage
565-pei-952.mktoresp.com/webevents/ 2 B
318 B 640ms
111ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://565-pei-952.mktoresp.com/webevents/visitWebPage?_mchNc=1708375745090&_mchCn=&_mchId=565-PEI-952&_mchTk=_mch-mandiant.com-1708375745089-82312&_mchHo=www.mandiant.com&_mchPo=&_mchRu=%2Fresources%2Freports&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 19 Feb 2024 20:49:05 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 1931f33b-6a39-4bfa-8b69-b9826b1659c6

GET
H2 200 r Show response
scout.salesloft.com/ 41 B
358 B 406ms
117ms XHR
application/json 54.205.198.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDUwMDl9.GHpZgHyRyFl9iN7anlcbMbmW3chPCQZrSX98AJ7UjM8

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.205.198.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-198-24.compute-1.amazonaws.com

Software

Resource Hash

1cfea949b0b2925d27b84d56d18f2ea1c6b948fdf3ae95c534a14706043da178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mandiant.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: 8eb5ced1919ac2af6c0b5d97e8354ab0

GET
H2 200 PTMono-Regular.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/mono/ 71 KB
71 KB 423ms
423ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/mono/PTMono-Regular.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfaed587b938cc953c5008f257ed1e661e9d2e2f907bd5b520fc4b9348985a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_jq-iq5aGgG5bPuD7RWhim9iKKMGOibzhdiyoajH1A4w.css?delta=1&language=en&theme=mandiant_theme&include=eJxtUFF2wyAMuxANR-IZcFIawHm204ydfjRLum7dj58sGcl4JC6aFrHjAQzEqAS12RMMI1NVE1ZRKq5gTGBfGxdEjDRRLNaDoClQO13V6RUL2ql264toyyj_a7c3_o6sKUC-KHgxYe45SuwgBOKYqNon-t4Oa_yxYAywaLiCfSKX-szEoP3FS9aGMIstwDMquccJ3sSFaWIUcR7YZGi0qotJAvUVm6WKgfLJ-zXliGx1o846wbDn3RNuYvc6FIprRuMzfDbrEw1wg49fEztx6I964EwQD7hQbmPK-WhDBpGcRE-ZqSQ5MxjGA23oF9MHw2z3OuyWf_87pfcDbYlxZCj4BYg322E
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 60
date: Mon, 19 Feb 2024 20:49:05 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 72380
x-request-id: v-049d9504-cca3-11ee-bca5-7bdcb2665c2c
last-modified: Wed, 26 Oct 2022 20:37:18 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fd7cd468fca-FRA
expires: Mon, 04 Mar 2024 20:49:05 GMT

GET
H2 200 i Show response
scout.salesloft.com/ 48 B
466 B 117ms
117ms XHR
application/json 54.205.198.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/i

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.205.198.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-198-24.compute-1.amazonaws.com

Software

Resource Hash

f0a2731c441b3382d73a8a239980f3c3de3ce7f8d8359ae2e3647e283db5421e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mandiant.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: 9f1eb2faf9de4ffc6fe180692548aa45

GET
H2 200 Barlow-Medium.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 55 KB
55 KB 423ms
423ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Medium.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe3bfdac05de97234a1a81c7f09c87f14708cf7bd9a341a63e68613c3c6e40d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_jq-iq5aGgG5bPuD7RWhim9iKKMGOibzhdiyoajH1A4w.css?delta=1&language=en&theme=mandiant_theme&include=eJxtUFF2wyAMuxANR-IZcFIawHm204ydfjRLum7dj58sGcl4JC6aFrHjAQzEqAS12RMMI1NVE1ZRKq5gTGBfGxdEjDRRLNaDoClQO13V6RUL2ql264toyyj_a7c3_o6sKUC-KHgxYe45SuwgBOKYqNon-t4Oa_yxYAywaLiCfSKX-szEoP3FS9aGMIstwDMquccJ3sSFaWIUcR7YZGi0qotJAvUVm6WKgfLJ-zXliGx1o846wbDn3RNuYvc6FIprRuMzfDbrEw1wg49fEztx6I964EwQD7hQbmPK-WhDBpGcRE-ZqSQ5MxjGA23oF9MHw2z3OuyWf_87pfcDbYlxZCj4BYg322E
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 29
date: Mon, 19 Feb 2024 20:49:06 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-cache: HIT
x-ah-environment: prod
content-length: 55968
x-request-id: v-2c75d002-ca5d-11ee-ac52-b70891b51ba3
last-modified: Wed, 26 Oct 2022 20:37:18 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fda7f558fca-FRA
expires: Mon, 04 Mar 2024 20:49:06 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
195 B 120ms
120ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.mandiant.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 19 Feb 2024 20:49:06 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A7142EE3745F477BB4E42E4AA763D760 Ref B: FRAEDGE1911 Ref C: 2024-02-19T20:49:06Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://www.mandiant.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYRwjl904zsmu9WGHFoxg==

GET
H2 200 974.bundle.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 11 KB
3 KB 431ms
431ms Script
application/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/974.bundle.js?ed9f0d

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_FOqHALx4SLcdBWNMDhINRRDFjGfFYjuAID4BOiZmCO8.js?scope=footer&delta=4&language=en&theme=mandiant_theme&include=eJxtUFF2wyAMuxANR-IZcFIawHm204ydfjRLum7dj58sGcl4JC6aFrHjAQzEqAS12RMMI1NVE1ZRKq5gTGBfGxdEjDRRLNaDoClQO13V6RUL2ql264toyyj_a7c3_o6sKUC-KHgxYe45SuwgBOKYqNon-t4Oa_yxYAywaLiCfSKX-szEoP3FS9aGMIstwDMquccJ3sSFaWIUcR7YZGi0qotJAvUVm6WKgfLJ-zXliGx1o846wbDn3RNuYvc6FIprRuMzfDbrEw1wg49fEztx6I964EwQD7hQbmPK-WhDBpGcRE-ZqSQ5MxjGA23oF9MHw2z3OuyWf_87pfcDbYlxZCj4BYg322E

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

201492c149f68b701455a2d046549a318a76ed5bca4ab13ebd913dbd14710246

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 66
date: Mon, 19 Feb 2024 20:49:06 GMT
content-encoding: gzip
via: varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
x-cache: HIT
x-ah-environment: prod
content-length: 3375
x-request-id: v-43302eec-cc91-11ee-bdd5-4fd9bd6966f5
last-modified: Wed, 26 Oct 2022 20:16:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fdfec6b8fca-FRA
expires: Mon, 04 Mar 2024 20:49:06 GMT

GET
H2 200 404.bundle.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 406 B
393 B 419ms
418ms Script
application/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/404.bundle.js?2c5f80

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2cb383a30bee467e40ecebb49e4229b1b57efcc2c7632c921cd170a75c74d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits: 65
date: Mon, 19 Feb 2024 20:49:06 GMT
content-encoding: gzip
via: varnish
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
x-cache: HIT
x-ah-environment: prod
content-length: 263
x-request-id: v-059015c2-cca3-11ee-aef0-3b9a187ba4a2
last-modified: Wed, 26 Oct 2022 20:37:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 85815fdfec6d8fca-FRA
expires: Mon, 04 Mar 2024 20:49:06 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/ 492 KB
196 KB 64ms
21ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f73b574d1f2ea3ca1551ec864077fa60535b48e64a20f39930d5bab098181f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mandiant.com/
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 12:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201084
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 03:00:37 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Feb 2025 12:31:20 GMT

GET
H2 200 sm.25.html Show response
static.addtoany.com/menu/ Frame E8D5 716 B
771 B 36ms
35ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.25.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 17560
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 85815fdffbee3a80-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 19 Feb 2024 20:49:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDoIJpWbVsrXgLaJks2Df3w0n6yjsaMO8nqVZUHk%2FGzfDpLk%2FLhRHW9YchSLXQSxNCdjmI8QOBmirXmxPpjaj823LTNpYkd18uDrdv%2BxIPtXeWqmPe8%2FH2glCqIEX4%2FOtYXAXWFsxYJmkJkMjenlRSB5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 core.Ep5bSEmr.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 93ms
52ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"a995aaed2cd978eb5749462d1dc3635e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2FDNzk%2BlBIMCmEntrFvYTENMfsVb2WmaMQHuBo8K4C1WvgtuKaPWj2LHruB6eaA3aXWUPmuJtuynQgjvFoTNlprPnFp%2B40aBs5O9mzdwRsQSRGPEBRhGZqyo7sRnnfE86fqR9Tud"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 85815fe03b4a9078-FRA

GET
H3 200 2a.json Show response
www.gstatic.com/glue/cookienotificationbar/config/ 428 B
224 B 92ms
54ms Fetch
application/json 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/glue/cookienotificationbar/config/2a.json?hl=en

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/glue/cookienotificationbar/cookienotificationbar.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a1a28e26e577545cac3166880d39b6188156245e5d4b532f559be34ef1476f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/gstatic
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 19:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"uxe-owners-acl/gstatic","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/gstatic"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="uxe-owners-acl/gstatic"
expires: Mon, 19 Feb 2024 20:49:06 GMT

GET
H2 204 0
bat.bing.com/action/ 0
287 B 45ms
44ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5870833&tm=gtm002&Ver=2&mid=ea6d4650-5c1a-4587-90a6-59d518f62576&sid=52ae4e90cf6811ee884db54d858e9a7e&vid=52ae59c0cf6811ee8b1a87209e407953&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Threat%20Intelligence%20Reports%20%7C%20Cyber%20Security%20Threats%20%26%20Attacks&kw=threat%20intelligence%20reports&p=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&r=&lt=4217&evt=pageLoad&sv=1&rn=122788

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 19 Feb 2024 20:49:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C8ACB87AAD034B0CAA5BAF0CB59095EC Ref B: FRA31EDGE0622 Ref C: 2024-02-19T20:49:06Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
fonts.gstatic.com/s/googlesanstext/v21/ 14 KB
15 KB 73ms
22ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesanstext/v21/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Google+Sans+Text:wght@400&family=Google+Sans:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8300ba70904617a47a80e9098fe00b3f7aefd328519318c420289b0bbdfb5e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 09:10:03 GMT
x-content-type-options: nosniff
age: 560343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14796
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:47:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 09:10:03 GMT

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyk.woff2
fonts.gstatic.com/s/googlesans/v58/ 22 KB
22 KB 80ms
30ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Google+Sans+Text:wght@400&family=Google+Sans:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f62ccd6d9784466fb9b92202b71a63182de790d0575e13641e027b39e0590e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 09:02:06 GMT
x-content-type-options: nosniff
age: 560820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22308
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 09:02:06 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 64 KB
17 KB 470ms
122ms Script
application/javascript 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/reports

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

2d699428fb1a87452cb15775f3e9a531b9c8a98bfa41be2a24be4814ff0a5baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 20:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Dec 2023 22:26:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "65836a29-fee9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 17567
expires: Mon, 19 Feb 2024 20:49:07 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=340944114&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&ul=en-us&de=UTF-8&dt=Threat%20Intelligence%20Reports%20%7C%20Cyber%20Security%20Threats%20%26%20Attacks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Resource%20Type&ea=null&el=null&_u=aCDAgEABAAAAAGAEK~&jid=&gjid=&cid=689632588.1708375745&tid=UA-203244293-1&_gid=170244240.1708375745&gtm=45He42e0n81T72STLDv849727317za200&cg1=null&cg2=resources&cd3=1708375746976.aumm5qo&cd4=2024-02-19T21%3A49%3A06.976%2B01%3A00&cd5=&cd15=null&cd16=null&cd24=unknown&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&cd1=689632588.1708375745&z=1701837436

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 19:10:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5925
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
19ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=340944114&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&ul=en-us&de=UTF-8&dt=Threat%20Intelligence%20Reports%20%7C%20Cyber%20Security%20Threats%20%26%20Attacks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=page%20scroll&ea=25%25&el=%2Fresources%2Freports&_u=aCDAgEABAAAAAGAEK~&jid=&gjid=&cid=689632588.1708375745&tid=UA-203244293-1&_gid=170244240.1708375745&gtm=45He42e0n81T72STLDv849727317za200&cg1=null&cg2=resources&cd2=Event&cd3=1708375746989.1ld4mtb&cd4=2024-02-19T21%3A49%3A06.989%2B01%3A00&cd5=&cd15=null&cd16=null&cd24=unknown&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&cd1=689632588.1708375745&z=401108620

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 19:10:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5925
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
194 B 160ms
152ms XHR
text/html 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-58.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:07 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.mandiant.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 24 B
318 B 111ms
25ms XHR
text/html 2a02:26f0:ab00::214:8e70
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::214:8e70 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2722cb522f4fe3f0f788fb0b73cb835e95cfc60e6808e5e401f1add3d186da92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 20:49:07 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.mandiant.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2001:1b60:2:240:3247::11
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1708375747602_34901612_486087989_25_1037_20_44_219";dur=1
content-length: 24
expires: Mon, 19 Feb 2024 20:49:07 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 326ms
319ms Image
image/gif 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=627b22264f359a2be8e661bd05849ae6&svisitor=null&visitor=1b3c687c-90f3-47b9-8e2d-d0f0068ce300&session=21f54ccb-cf18-4aaf-8d56-b511216d4c33&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2019%20Feb%202024%2020%3A49%3A07%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Threat%20Intelligence%20Reports.%20Get%20an%20inside%20look%20at%20the%20evolving%20cyber%20threat%20landscape%20and%20in-depth%20analysis%20of%20attacks%2C%20incident%20response%20and%20remediation.%22%2C%22keywords%22%3A%22threat%20intelligence%20reports%22%2C%22title%22%3A%22Threat%20Intelligence%20Reports%20%7C%20Cyber%20Security%20Threats%20%26amp%3B%20Attacks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&pageViewId=0ac79fce-69c2-4138-8e14-eacc4ac5ee42&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:07 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 349ms
342ms Image
image/gif 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=627b22264f359a2be8e661bd05849ae6&svisitor=null&visitor=1b3c687c-90f3-47b9-8e2d-d0f0068ce300&session=21f54ccb-cf18-4aaf-8d56-b511216d4c33&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2019%20Feb%202024%2020%3A49%3A07%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22627b22264f359a2be8e661bd05849ae6%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2019%20Feb%202024%2020%3A49%3A07%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2019%20Feb%202024%2020%3A49%3A07%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2019%20Feb%202024%2020%3A49%3A07%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Threat%20Intelligence%20Reports.%20Get%20an%20inside%20look%20at%20the%20evolving%20cyber%20threat%20landscape%20and%20in-depth%20analysis%20of%20attacks%2C%20incident%20response%20and%20remediation.%22%2C%22keywords%22%3A%22threat%20intelligence%20reports%22%2C%22title%22%3A%22Threat%20Intelligence%20Reports%20%7C%20Cyber%20Security%20Threats%20%26amp%3B%20Attacks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&pageViewId=0ac79fce-69c2-4138-8e14-eacc4ac5ee42&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:07 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 305ms
304ms Image
image/gif 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=627b22264f359a2be8e661bd05849ae6&svisitor=null&visitor=1b3c687c-90f3-47b9-8e2d-d0f0068ce300&session=21f54ccb-cf18-4aaf-8d56-b511216d4c33&event=ipv6&q=%7B%22address%22%3A%222001%3A1b60%3A2%3A240%3A3247%3A%3A11%22%7D&isIframe=false&m=%7B%22description%22%3A%22Threat%20Intelligence%20Reports.%20Get%20an%20inside%20look%20at%20the%20evolving%20cyber%20threat%20landscape%20and%20in-depth%20analysis%20of%20attacks%2C%20incident%20response%20and%20remediation.%22%2C%22keywords%22%3A%22threat%20intelligence%20reports%22%2C%22title%22%3A%22Threat%20Intelligence%20Reports%20%7C%20Cyber%20Security%20Threats%20%26amp%3B%20Attacks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&pageViewId=0ac79fce-69c2-4138-8e14-eacc4ac5ee42&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:07 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 318ms
318ms Image
image/gif 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=627b22264f359a2be8e661bd05849ae6&svisitor=null&visitor=1b3c687c-90f3-47b9-8e2d-d0f0068ce300&session=21f54ccb-cf18-4aaf-8d56-b511216d4c33&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2019%20Feb%202024%2020%3A49%3A08%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2019%20Feb%202024%2020%3A49%3A07%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22Threat%20Intelligence%20Reports.%20Get%20an%20inside%20look%20at%20the%20evolving%20cyber%20threat%20landscape%20and%20in-depth%20analysis%20of%20attacks%2C%20incident%20response%20and%20remediation.%22%2C%22keywords%22%3A%22threat%20intelligence%20reports%22%2C%22title%22%3A%22Threat%20Intelligence%20Reports%20%7C%20Cyber%20Security%20Threats%20%26amp%3B%20Attacks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&pageViewId=0ac79fce-69c2-4138-8e14-eacc4ac5ee42&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:08 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0E66 46 KB
29 KB 59ms
59ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=normal&cb=ao5at8vu3guc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3bf7082ed63e2618ce605c7957bfb61069c5dd481ec5f7b9c4baa283fd216c7d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b2aJtDx3W-oUjn5JkcFB7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandiant.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-b2aJtDx3W-oUjn5JkcFB7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 20:49:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame EA4E 46 KB
29 KB 38ms
38ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=compact&cb=af7js7ecph4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

09aad6832baa362eba15421090f41beb2a5c50507d776a503bb07a6d4bb9b01c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-abNMh9P1jtzhitlCsqV27A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandiant.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-abNMh9P1jtzhitlCsqV27A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 20:49:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/ Frame EA4E 55 KB
24 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=compact&cb=af7js7ecph4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 14:36:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 03:00:37 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Feb 2025 14:36:52 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/ Frame EA4E 492 KB
196 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f73b574d1f2ea3ca1551ec864077fa60535b48e64a20f39930d5bab098181f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 12:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201084
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 03:00:37 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Feb 2025 12:31:20 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/ Frame 0E66 55 KB
24 KB 23ms
23ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 14:36:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 03:00:37 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Feb 2025 14:36:52 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/ Frame 0E66 492 KB
196 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f73b574d1f2ea3ca1551ec864077fa60535b48e64a20f39930d5bab098181f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 12:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201084
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 03:00:37 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Feb 2025 12:31:20 GMT

GET
H3 200 Dq4s5fHQ4MqajtxkAI1TQErT3JHnCXhk4JQIHWIJ1B4.js Show response
www.google.com/js/bg/ Frame EA4E 17 KB
7 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/Dq4s5fHQ4MqajtxkAI1TQErT3JHnCXhk4JQIHWIJ1B4.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eae2ce5f1d0e0ca9a8edc64008d53404ad3dc91e7097864e094081d6209d41e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=compact&cb=af7js7ecph4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:01:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 492448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7010
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 04:01:40 GMT

GET
H3 200 Dq4s5fHQ4MqajtxkAI1TQErT3JHnCXhk4JQIHWIJ1B4.js Show response
www.google.com/js/bg/ Frame 0E66 17 KB
7 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/Dq4s5fHQ4MqajtxkAI1TQErT3JHnCXhk4JQIHWIJ1B4.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eae2ce5f1d0e0ca9a8edc64008d53404ad3dc91e7097864e094081d6209d41e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=normal&cb=ao5at8vu3guc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:01:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 492448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7010
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 04:01:40 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame EA4E 102 B
135 B 31ms
31ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

006075ca8435aa619a3a6885f3d63c6623f827ef97211e4a20b4f640d98e0f8b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=compact&cb=af7js7ecph4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 19 Feb 2024 20:49:08 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0E66 102 B
135 B 28ms
28ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

006075ca8435aa619a3a6885f3d63c6623f827ef97211e4a20b4f640d98e0f8b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=normal&cb=ao5at8vu3guc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 19 Feb 2024 20:49:08 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame C48D 7 KB
1 KB 44ms
44ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

623bd43188e0284015bb94301ddcb11320ccd367775592d40a4cd84ab1695255

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aikndi4eXnQqTT8gIhTTdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandiant.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-aikndi4eXnQqTT8gIhTTdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 20:49:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame DEBA 7 KB
1 KB 34ms
34ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1ae4d8c91d652520b384507ab2d9922abf1ff9af87a8fc521ed21a7ad1add1e2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6xcUmkUmJxuEUZk5wZgVBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandiant.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6xcUmkUmJxuEUZk5wZgVBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 20:49:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/ Frame DEBA 55 KB
24 KB 25ms
24ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 14:36:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 03:00:37 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Feb 2025 14:36:52 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/ Frame DEBA 492 KB
196 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f73b574d1f2ea3ca1551ec864077fa60535b48e64a20f39930d5bab098181f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 12:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201084
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 03:00:37 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Feb 2025 12:31:20 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/ Frame C48D 55 KB
24 KB 26ms
25ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 14:36:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 03:00:37 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Feb 2025 14:36:52 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/ Frame C48D 492 KB
196 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f73b574d1f2ea3ca1551ec864077fa60535b48e64a20f39930d5bab098181f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 12:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 201084
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 03:00:37 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Feb 2025 12:31:20 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 333ms
333ms Image
image/gif 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=627b22264f359a2be8e661bd05849ae6&svisitor=null&visitor=1b3c687c-90f3-47b9-8e2d-d0f0068ce300&session=21f54ccb-cf18-4aaf-8d56-b511216d4c33&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2019%20Feb%202024%2020%3A49%3A09%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2019%20Feb%202024%2020%3A49%3A08%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Threat%20Intelligence%20Reports.%20Get%20an%20inside%20look%20at%20the%20evolving%20cyber%20threat%20landscape%20and%20in-depth%20analysis%20of%20attacks%2C%20incident%20response%20and%20remediation.%22%2C%22keywords%22%3A%22threat%20intelligence%20reports%22%2C%22title%22%3A%22Threat%20Intelligence%20Reports%20%7C%20Cyber%20Security%20Threats%20%26amp%3B%20Attacks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&pageViewId=0ac79fce-69c2-4138-8e14-eacc4ac5ee42&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:09 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 649ms
649ms Image
image/gif 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=627b22264f359a2be8e661bd05849ae6&svisitor=null&visitor=1b3c687c-90f3-47b9-8e2d-d0f0068ce300&session=21f54ccb-cf18-4aaf-8d56-b511216d4c33&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2019%20Feb%202024%2020%3A49%3A10%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2019%20Feb%202024%2020%3A49%3A09%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%223003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Threat%20Intelligence%20Reports.%20Get%20an%20inside%20look%20at%20the%20evolving%20cyber%20threat%20landscape%20and%20in-depth%20analysis%20of%20attacks%2C%20incident%20response%20and%20remediation.%22%2C%22keywords%22%3A%22threat%20intelligence%20reports%22%2C%22title%22%3A%22Threat%20Intelligence%20Reports%20%7C%20Cyber%20Security%20Threats%20%26amp%3B%20Attacks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&pageViewId=0ac79fce-69c2-4138-8e14-eacc4ac5ee42&v=1.1.14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 20:49:11 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET img.gif
b.6sc.co/v1/beacon/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b.6sc.co
URL: https://b.6sc.co/v1/beacon/img.gif?token=627b22264f359a2be8e661bd05849ae6&svisitor=null&visitor=1b3c687c-90f3-47b9-8e2d-d0f0068ce300&session=21f54ccb-cf18-4aaf-8d56-b511216d4c33&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2019%20Feb%202024%2020%3A49%3A11%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2019%20Feb%202024%2020%3A49%3A10%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Threat%20Intelligence%20Reports.%20Get%20an%20inside%20look%20at%20the%20evolving%20cyber%20threat%20landscape%20and%20in-depth%20analysis%20of%20attacks%2C%20incident%20response%20and%20remediation.%22%2C%22keywords%22%3A%22threat%20intelligence%20reports%22%2C%22title%22%3A%22Threat%20Intelligence%20Reports%20%7C%20Cyber%20Security%20Threats%20%26amp%3B%20Attacks%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Freports&pageViewId=0ac79fce-69c2-4138-8e14-eacc4ac5ee42&v=1.1.14

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mandiant.com/	1970-01-20 18:32:57	Name: __cf_bm Value: UxeEZk6RMUU6gz5ItW1zkvEQwBhb_OJMp4aP0utGp0k-1708375742-1.0-AWh8Weex6AmBGydPyriWi70R/NORmsaq8DTwAjb77wcbnWZvmoQnl+69lQqC7uB6lBvENW6Xe6if5wmT2iyV/dw=
.mandiant.com/	1970-01-20 20:42:31	Name: _gcl_au Value: 1.1.124703228.1708375745
.mandiant.com/	1970-01-21 04:08:55	Name: _ga Value: GA1.2.689632588.1708375745
.mandiant.com/	1970-01-20 18:34:22	Name: _gid Value: GA1.2.170244240.1708375745
.mandiant.com/	1970-01-20 18:32:55	Name: _dc_gtm_UA-203244293-1 Value: 1
.mandiant.com/	1970-01-20 20:42:31	Name: _fbp Value: fb.1.1708375745080.1469699626
.mandiant.com/	1970-01-21 04:08:55	Name: _mkto_trk Value: id:565-PEI-952&token:_mch-mandiant.com-1708375745089-82312
.twitter.com/	1970-01-21 04:08:55	Name: personalization_id Value: "v1_eArZrCTNVRK9MFh960uwag=="
.t.co/	1970-01-21 04:08:55	Name: muc_ads Value: 1e1da680-3b8c-4041-829a-0ba1f52f5fc5
.linkedin.com/	1970-01-20 20:42:31	Name: li_sugr Value: 5f6802f5-5914-4d93-a163-fedc379e4336
.linkedin.com/	1970-01-21 03:18:31	Name: bcookie Value: "v=2&b8a5eb8c-5eb2-4286-8d69-a02f32a6ee59"
.linkedin.com/	1970-01-20 18:34:22	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=3134:u=1:x=1:i=1708375745:t=1708462145:v=2:sig=AQEsqPHR2_oNDFtSBFk21y6bIF0P-nTq"
www.mandiant.com/	1970-01-20 18:43:00	Name: slireg Value: https://scout.us3.salesloft.com
.linkedin.com/	1970-01-20 19:16:07	Name: UserMatchHistory Value: AQJqrgCoUo9BegAAAY3DISP3fEou4vN6qF8ZC8gqXBX0mrWiSxGdq-6A6w3BG6GqVhTYOvVjfTx_wQ
.linkedin.com/	1970-01-20 19:16:07	Name: AnalyticsSyncHistory Value: AQJtnl0zVh0QOQAAAY3DISP3M8MC2cAYZ3nSNFBKykxj-CNEbMPehGaioBiKBf2DmBOH-hfbmceymb-wCMSB3Q
www.mandiant.com/	1970-01-21 03:18:31	Name: sliguid Value: d67e9289-3a67-4425-8d79-6906767c788f
www.mandiant.com/	1970-01-21 03:18:31	Name: slirequested Value: true
.www.linkedin.com/	1970-01-21 03:18:31	Name: bscookie Value: "v=1&20240219204905c0c1199b-7407-49d8-80c2-f79087f17423AQEXuhlMsFipisicPYOGF4xgRo5h1H11"
.linkedin.com/	1970-01-20 22:52:07	Name: li_gc Value: MTswOzE3MDgzNzU3NDU7MjswMjEFNzZNxlcXMQgBQ0m2yZOYPI4n1R2bKOV/+GZhtZxuUg==
.mandiant.com/	1970-01-21 03:18:31	Name: _hjSessionUser_3008912 Value: eyJpZCI6IjI3MDhlMjMzLTc3OWQtNTYxOS1hZDVmLTU0OTVhZGMzNjllMyIsImNyZWF0ZWQiOjE3MDgzNzU3NDY1NTYsImV4aXN0aW5nIjpmYWxzZX0=
.mandiant.com/	1970-01-20 18:32:57	Name: _hjSession_3008912 Value: eyJpZCI6ImNmNWZhZWI4LWIzNDYtNDFkMS05Y2Q5LTQyZGYwZTJjODg5ZCIsImMiOjE3MDgzNzU3NDY1NTcsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.mandiant.com/	1970-01-20 18:34:22	Name: _uetsid Value: 52ae4e90cf6811ee884db54d858e9a7e
.mandiant.com/	1970-01-21 03:54:31	Name: _uetvid Value: 52ae59c0cf6811ee8b1a87209e407953
.bing.com/	1970-01-21 03:54:31	Name: MUID Value: 0FF991168F7968D218D0853C8EF2692E
.mandiant.com/	1970-01-21 04:08:55	Name: _ga_X6642ZTDJ7 Value: GS1.1.1708375745.1.0.1708375746.59.0.0
www.mandiant.com/	1970-01-21 04:08:55	Name: _gd_visitor Value: 1b3c687c-90f3-47b9-8e2d-d0f0068ce300
www.mandiant.com/	1970-01-20 18:33:10	Name: _gd_session Value: 21f54ccb-cf18-4aaf-8d56-b511216d4c33
.6sc.co/	1970-01-21 04:08:55	Name: 6suuid Value: 362b3517b05e0100c3bed365bc030000d3947901

48 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/880805232811859?v=2.9.147&r=stable&domain=www.mandiant.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.mandiant.com/resources/reports Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

565-pei-952.mktoresp.com
analytics.twitter.com
b.6sc.co
bat.bing.com
c.6sc.co
cdn4.iconfinder.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
ipv6.6sc.co
j.6sc.co
munchkin.marketo.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
scout-cdn.salesloft.com
scout.salesloft.com
script.hotjar.com
snap.licdn.com
static.addtoany.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.fireeye.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.mandiant.com
b.6sc.co
104.244.42.131
104.244.42.5
13.107.42.14
146.75.120.157
18.164.52.121
18.66.97.53
192.28.144.124
2001:4860:4802:34::36
23.197.137.224
23.53.43.58
2606:4700:10::ac43:2794
2606:4700:300b::a29f:f17d
2606:4700:300b::a29f:f67d
2606:4700:3108::ac42:2ad3
2606:4700::6811:190e
2606:4700::6811:4341
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:80e::2008
2a00:1450:4001:811::200a
2a00:1450:4001:811::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9d
2a02:26f0:780::210:a420
2a02:26f0:ab00::214:8e70
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
54.205.198.24
006075ca8435aa619a3a6885f3d63c6623f827ef97211e4a20b4f640d98e0f8b
02c93e8f5831b03b0991aada54e7d79104260ba5824f2aabec85f6a6975554f5
055ce499eb8d14ec607cb3be0d295b5877db2b983519efd27343ba9d9228d8e9
05bdf7f7be82cf4a0090ff4afe9f751c18218d175f86b8cb169e01b0add1e22b
07ba2e6da87e1d608f20565213506262f98d51242b8718608882e189c8c2e70f
09aad6832baa362eba15421090f41beb2a5c50507d776a503bb07a6d4bb9b01c
0b617a1a9d405a304eae1f3337639a1be619633a047ccac0a61d70cf2d2032e4
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
0eae2ce5f1d0e0ca9a8edc64008d53404ad3dc91e7097864e094081d6209d41e
0f2e61cd1a10aebb0eae1a2f6914784a4d9be90a46b1c67700311d0f66d3e379
15e583294d87189f0d79cf1c90cfb6892968a0cfa844658d415c46377186aa79
1ae4d8c91d652520b384507ab2d9922abf1ff9af87a8fc521ed21a7ad1add1e2
1bb508d41bf1d0c5d56340c7df789b6589350a5f967e1fa937bee5c148d0cb0d
1cfea949b0b2925d27b84d56d18f2ea1c6b948fdf3ae95c534a14706043da178
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
201492c149f68b701455a2d046549a318a76ed5bca4ab13ebd913dbd14710246
219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0
22d3fa5d9614247a92cd5b47a933975b97a831cfc3b257e24750a238d892cdac
2722cb522f4fe3f0f788fb0b73cb835e95cfc60e6808e5e401f1add3d186da92
274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad
2d699428fb1a87452cb15775f3e9a531b9c8a98bfa41be2a24be4814ff0a5baf
2ece53c2457c2c8e8ebb353c21de5df6599bf90b39693a2fb23d56b7265bd1b7
2f03b3912aa0e04bb5e2efcd1650700d99397a7ed9cc8a82db8cb296cea35b3d
31f4db27d40c17ddd30179d71bfc7cd0ab6ce459c46e2a935609acf3cba1e295
3bf7082ed63e2618ce605c7957bfb61069c5dd481ec5f7b9c4baa283fd216c7d
4162b48b412d9e8e81fa77ac468318f9422ca2f047c533f1ecd67f3c77ed798b
482ba6d0eda8709fc11debe244d706c4784003c6b1c38912454e7333ed7b96c0
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
4fa7ca84dc3a040c7199206d3554b4b57d6cbb5c49ef435f674103587640d26a
51b8bcdd582b064711d0cab4f54818cc4a3d094b573e2a24d850424697cfe985
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
591ec898579fc34d46d85f9b22fa8fcfa88465454caa0d86d03e9e6dc0675f9b
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
623bd43188e0284015bb94301ddcb11320ccd367775592d40a4cd84ab1695255
680f54b8147b10434d0ee0142f7423aa40610d8dbd16a6af910e9e766d521d7a
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9c3158d7700a96a2fc4de59adc0c4724338c900d14b9447653c52d50df1621
6cf14fcc8a5e96d414fed48c435226fcd4dc7ed8bd82182ef1212a27565a0582
7298bc20bc720a65d674e27e7da2e96ef62d342011ad53e7cd9e598948eab41c
74397437d41d0ef91b6ac1cbd4edb0c5fb809cd9299cccf6adde7b5b8937e79f
7762b4265e6050c33745fd1fae5110f9f265564f0a85d9ac01efaa65029db59c
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78d980b5fc9a4df98e35e0ad8d2921c7842e8474b952a877c52e6b0bbc658c8f
7a1a28e26e577545cac3166880d39b6188156245e5d4b532f559be34ef1476f2
7e28c1e0adaa1aab263a9b2a309eacba93e8be98b638e136854456edb45930e7
8300ba70904617a47a80e9098fe00b3f7aefd328519318c420289b0bbdfb5e2c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df
8a7b82ca2e7779906e5ed103e6aea92ad41856bf2265ac009947b59b0d752f06
938e5c418306b17d50ef496907b533da7267da18faaf0e0486efb7108f7b5611
9ec192b1be13b5eb7d11e7c8a0f1466ef236e4ba88182bb4cec76a2c7919464e
a9b7a66985bebc105b4b12f2f466fae88b9b16fe17ea5bc1d515753258a0be19
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1e386082319d3ae7ea22aac3f75034ab3c591a9cd71bbf6f46203a5cc7810ba
b2cb383a30bee467e40ecebb49e4229b1b57efcc2c7632c921cd170a75c74d24
b46c196b7dea30331b967a2c4c803215d7cfb09e2500c8232958f3da6e3cc47e
bc3822b1b5b7439e7df19dbe92b28ad4d9901014ef8dcf5c314f2437dfa43c81
c23b188b7b48b3f97da09ead6850de26ffd22e1396ba78a34a2306dee27d3d74
c827698beeeb00e08bb5559146c13e317c5552852c3d275e34e3e79e62beccb2
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d79af40b66c8fe0e686decab8fd4ff8b221e64cf0fa3b860cb4779cfe339857f
d7f62ccd6d9784466fb9b92202b71a63182de790d0575e13641e027b39e0590e
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfaed587b938cc953c5008f257ed1e661e9d2e2f907bd5b520fc4b9348985a88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9474894bf64b11c40884f83b0ba6888635bf90bfaae11db1944d99771f1c820
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a2731c441b3382d73a8a239980f3c3de3ce7f8d8359ae2e3647e283db5421e
f269cafacd48c650b7c76973b7192a4593125d9b957bfa3b57a89e835ec0df1f
f73b574d1f2ea3ca1551ec864077fa60535b48e64a20f39930d5bab098181f6c
fca4bef88b349ec96b70d95d331eecf24527e1bd2e49f95b2511d046f0ce984c
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe3bfdac05de97234a1a81c7f09c87f14708cf7bd9a341a63e68613c3c6e40d6
ff46ab88d5fe2880ee24e0a56c4f423096ea4eb7b80e0fc8032319e26b5a002b

www.mandiant.com Open in urlscan Pro 2606:4700:300b::a29f:f17d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

101 Requests

98 %HTTPS

68 %IPv6

25 Domains

34 Subdomains

31 IPs

3 Countries

8314 kBTransfer

12304 kBSize

28 Cookies

17 Outgoing links

Page URL History

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mandiant.com Open in urlscan Pro
2606:4700:300b::a29f:f17d Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

98 %
HTTPS

68 %
IPv6

25
Domains

34
Subdomains

31
IPs

3
Countries

8314 kB
Transfer

12304 kB
Size

28
Cookies

101 HTTP transactions
0 data transactions