www.mandiant.com Open in urlscan Pro
2606:4700:300b::a29f:f07d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pages.mandiant.com/NTY1LVBFSS05NTIAAAGDN3DeE5i6gAdo843It04wGx-rPdANFFkbgepX0yrWqWtoCjPNBM-KKF5cnIZRhy7k_oIqE9I=
Effective URL:
https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGDN3DeE9vzZ83eY9eH-F8I9rxK_B4XNj7zXBjigrP2q7CmKLZDEH2v...
Submission: On March 18 via manual (March 18th 2022, 3:44:59 am UTC) from AE — Scanned from DE

Summary HTTP 79 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 13 domains to perform 79 HTTP transactions. The main IP is 2606:4700:300b::a29f:f07d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mandiant.com. The Cisco Umbrella rank of the primary domain is 175804.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 4th 2021. Valid for: a year.

This is the only time www.mandiant.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.73.206 104.17.73.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2606:4700:300... 2606:4700:300b::a29f:f07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:300... 2606:4700:300b::a29f:f67d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.17.74.206 104.17.74.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	13.225.80.11 13.225.80.11	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:f17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20e... 2600:9000:20eb:9600:1b:45dc:7080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	162.247.242.31 162.247.242.31	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
79	18

1 104.17.73.206 (None, )

ASN13335 (CLOUDFLARENET, US)

pages.mandiant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:300b::a29f:f07d (United States)

ASN13335 (CLOUDFLARENET, US)

www.mandiant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:300b::a29f:f67d (United States)

ASN13335 (CLOUDFLARENET, US)

www.fireeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.17.74.206 (None, )

ASN13335 (CLOUDFLARENET, US)

www2.mandiant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.225.80.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-11.fra2.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:f17 (United States)

ASN13335 (CLOUDFLARENET, US)

my.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:9600:1b:45dc:7080:93a1 (United States)

ASN16509 (AMAZON-02, US)

hi.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.31 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: service.newrelic.co.uk

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	mandiant.com pages.mandiant.com — Cisco Umbrella Rank: 172107 www.mandiant.com — Cisco Umbrella Rank: 175804 www2.mandiant.com — Cisco Umbrella Rank: 205679	743 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com	859 KB
9	google.com www.google.com — Cisco Umbrella Rank: 2	48 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
5	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 2869	26 KB
3	hellobar.com my.hellobar.com — Cisco Umbrella Rank: 14977 hi.hellobar.com — Cisco Umbrella Rank: 45256	79 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	154 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
2	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3666	26 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 550	322 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 306	14 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	5 KB
1	fireeye.com www.fireeye.com — Cisco Umbrella Rank: 178998	1018 B
79	13

	Domain	Requested by
26	www.mandiant.com	pages.mandiant.com www.mandiant.com
10	www.gstatic.com	www.google.com www.gstatic.com
9	www.google.com	www.mandiant.com www.gstatic.com www.google.com
7	www2.mandiant.com	www.mandiant.com www2.mandiant.com
5	www.google-analytics.com	www.googletagmanager.com www.mandiant.com
5	consent.trustarc.com	www.mandiant.com
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
2	my.hellobar.com	www.googletagmanager.com my.hellobar.com
2	www.googletagmanager.com	www.mandiant.com www.googletagmanager.com
2	fonts.googleapis.com	consent.trustarc.com my.hellobar.com
2	static.addtoany.com	www.mandiant.com static.addtoany.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.mandiant.com
1	hi.hellobar.com	www.mandiant.com
1	cdnjs.cloudflare.com	www.mandiant.com
1	www.fireeye.com	www.mandiant.com
1	pages.mandiant.com
79	17

This site contains links to these domains. Also see Links.

Domain
investors.mandiant.com
login.mandiant.com
www.mandiant.fr
www.mandiant.de
www.mandiant.jp
www.mandiant.kr
careers.smartrecruiters.com
community.fireeye.com
partners.fireeye.com
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
trustarc.com

Subject Issuer	Validity	Valid
pages.mandiant.com Cloudflare Inc ECC CA-3	`2022-01-13` - `2023-01-12`	a year	crt.sh
mandiant.com Cloudflare Inc ECC CA-3	`2021-11-04` - `2022-11-03`	a year	crt.sh
fireeye.com Cloudflare Inc ECC CA-3	`2021-12-07` - `2022-12-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
www2.mandiant.com Cloudflare Inc ECC CA-3	`2022-01-13` - `2023-01-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.hellobar.com Amazon	`2021-11-15` - `2022-12-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGDN3DeE9vzZ83eY9eH-F8I9rxK_B4XNj7zXBjigrP2q7CmKLZDEH2vfUhVfplSYwi7DH1J0cb-GPlTVIS5fmjmy9cxNH6Psg2U_RvQwdn0
Frame ID: 4A3A6893AFBAFC9470222118A18064A7
Requests: 55 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: D229CF66597D4E6E34723A000C76CDBD
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: D0264C0F55FFC8AFA4E632AE1716D02C
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=jru1hbwvk4yc
Frame ID: BFE749D689BFF13021D6C3CCE8102460
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=compact&cb=amvg4f92spjo
Frame ID: 28842F555D1646F69CC0A1D15605B4DE
Requests: 1 HTTP requests in this frame

Frame: https://www2.mandiant.com/index.php/form/XDFrame
Frame ID: 51A033C6412EAF9899D8FE0FD60C4137
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=jru1hbwvk4yc
Frame ID: 1FF3F2C0D0C273BB693EEC7F5C794C37
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=compact&cb=amvg4f92spjo
Frame ID: C0F8C8426FE92C283E38FC5EABAC05EA
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Frame ID: 642697626EA54A9C91244E82696B3045
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Frame ID: E1EB6924B35387E616F8DE4E826CCD8D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Incident Response Services | Incident & Security Breach Support

Page URL History Show full URLs

https://pages.mandiant.com/NTY1LVBFSS05NTIAAAGDN3DeE5i6gAdo843It04wGx-rPdANFFkbgepX0yrWqWtoCjPNBM-KKF5c... Page URL
https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGDN3DeE9vzZ83eY9eH-F8I9rxK_B4XNj7z... Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+recaptcha
/recaptcha/api\.js

Page Statistics

79
Requests

100 %
HTTPS

71 %
IPv6

13
Domains

17
Subdomains

18
IPs

3
Countries

1979 kB
Transfer

4901 kB
Size

6
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://investors.mandiant.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://login.mandiant.com/
Title: .userlayer-1{fill:none;stroke-miterlimit:10;stroke-width:15px}

Search URL Search Domain Scan URL

URL: https://www.mandiant.fr/
Title: Français

Search URL Search Domain Scan URL

URL: https://www.mandiant.de/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://www.mandiant.jp/
Title: 日本

Search URL Search Domain Scan URL

URL: https://www.mandiant.kr/
Title: 한국어

Search URL Search Domain Scan URL

URL: https://careers.smartrecruiters.com/mandiant/all/
Title: Careers

Search URL Search Domain Scan URL

URL: https://community.fireeye.com/
Title: Community

Search URL Search Domain Scan URL

URL: https://partners.fireeye.com/English/
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Mandiant

Search URL Search Domain Scan URL

URL: https://twitter.com/Mandiant

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCexu0DP7VKdDByusuTA53FQ

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mandiant/

Search URL Search Domain Scan URL

URL: https://trustarc.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pages.mandiant.com/NTY1LVBFSS05NTIAAAGDN3DeE5i6gAdo843It04wGx-rPdANFFkbgepX0yrWqWtoCjPNBM-KKF5cnIZRhy7k_oIqE9I= Page URL
https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGDN3DeE9vzZ83eY9eH-F8I9rxK_B4XNj7zXBjigrP2q7CmKLZDEH2vfUhVfplSYwi7DH1J0cb-GPlTVIS5fmjmy9cxNH6Psg2U_RvQwdn0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

79 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 NTY1LVBFSS05NTIAAAGDN3DeE5i6gAdo843It04wGx-rPdANFFkbgepX0yrWqWtoCjPNBM-KKF5cnIZRhy7k_oIqE9I=
pages.mandiant.com/ 477 B
958 B 171ms
139ms Document
text/html 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.mandiant.com/NTY1LVBFSS05NTIAAAGDN3DeE5i6gAdo843It04wGx-rPdANFFkbgepX0yrWqWtoCjPNBM-KKF5cnIZRhy7k_oIqE9I=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 18 Mar 2022 03:44:55 GMT
content-type: text/html
cache-control: private, no-cache, no-store, max-age=0
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6edaf8f7e8905c20-FRA
content-encoding: gzip

GET
H2 200 Primary Request report-incident Show response
www.mandiant.com/ 65 KB
18 KB 1021ms
778ms Document
text/html 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGDN3DeE9vzZ83eY9eH-F8I9rxK_B4XNj7zXBjigrP2q7CmKLZDEH2vfUhVfplSYwi7DH1J0cb-GPlTVIS5fmjmy9cxNH6Psg2U_RvQwdn0

Requested by

Host: pages.mandiant.com
URL: https://pages.mandiant.com/NTY1LVBFSS05NTIAAAGDN3DeE5i6gAdo843It04wGx-rPdANFFkbgepX0yrWqWtoCjPNBM-KKF5cnIZRhy7k_oIqE9I=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e0ed76abb41fa686f5d2b3a7c439c04a7e8823635001c0d3bd653bf7a9a953e

Security Headers

Name	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://pages.mandiant.com/

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=2764800, public
link: <https://www.mandiant.com/report-incident>; rel="canonical" <https://www.mandiant.com/report-incident>; rel="alternate"; hreflang="en"
x-ua-compatible: IE=edge
content-language: en
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
permissions-policy: interest-cohort=()
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Fri, 18 Mar 2022 03:44:55 GMT
etag: "1647575095"
vary: Cookie,Accept-Encoding
content-security-policy: report-uri /report-csp-violation
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin
expect-ct: max-age=86400
content-encoding: gzip
x-request-id: v-c6c131b2-a66d-11ec-8df2-379a571915ed
x-ah-environment: prod
age: 0
via: varnish
x-cache: MISS
accept-ranges: bytes
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6edaf8fa9b955ca4-FRA

GET
H2 200 google_tag.script.js Show response
www.mandiant.com/sites/default/files/google_tag/google_tag_manager/ 348 B
565 B 27ms
26ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/google_tag/google_tag_manager/google_tag.script.js?r8uivb

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGDN3DeE9vzZ83eY9eH-F8I9rxK_B4XNj7zXBjigrP2q7CmKLZDEH2vfUhVfplSYwi7DH1J0cb-GPlTVIS5fmjmy9cxNH6Psg2U_RvQwdn0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b7eb2b28fbf8ad29058540ee28e8b49701e0e47351ff25d3b688fcef9b2a88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 126980
x-cache: HIT
x-cache-hits: 41
x-ah-environment: prod
content-length: 280
x-request-id: v-73d0d3c8-a545-11ec-9dd2-136f53f03396
last-modified: Wed, 16 Mar 2022 16:23:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6edaf8ff9f215ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 css_G5YARZu17GSUDC0nIIv0-f_93oapmxyzwNErH_f7i6E.css
www.mandiant.com/sites/default/files/css/ 9 KB
3 KB 35ms
34ms Stylesheet
text/css 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_G5YARZu17GSUDC0nIIv0-f_93oapmxyzwNErH_f7i6E.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b9600459bb5ec64940c2d27208bf4f9fffdde86a99b1cb3c0d12b1ff7fb8ba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 590920
x-cache: HIT
x-cache-hits: 40
x-ah-environment: prod
content-length: 2495
x-request-id: v-490c9bfa-9437-11ec-bc8e-073319a8ccc4
last-modified: Tue, 15 Feb 2022 18:04:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6edaf8ff9f225ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 clientlibs_recaptcha.min.css
www.fireeye.com/etc/designs/fireeye-www/ 649 B
1018 B 51ms
24ms Stylesheet
text/css 2606:4700:300b::a29f:f67d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fireeye.com/etc/designs/fireeye-www/clientlibs_recaptcha.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f67d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee33831b0f69f4fd2300024df8f2488a4a7a4093cfcc5e28062e128308478f9

Security Headers

Name	Value
Content-Security-Policy	worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://content.fireeye.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-dispatcher: dispatcher1uswest1
date: Fri, 18 Mar 2022 03:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3997
x-vhost: publish
vary: Accept-Encoding,User-Agent
content-length: 373
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Mar 2022 23:39:36 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://content.fireeye.com
etag: "289-5da728b011d2c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: public, max-age=14400
content-security-policy: worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
accept-ranges: bytes
cf-ray: 6edaf8ffcbfb92a7-FRA
expires: Fri, 18 Mar 2022 07:44:56 GMT

GET
H2 200 css_BQ4zkU-VhaFMstlz-yar6r9ZKv19rYwFGRkEflhZZqs.css
www.mandiant.com/sites/default/files/css/ 1 KB
451 B 27ms
27ms Stylesheet
text/css 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_BQ4zkU-VhaFMstlz-yar6r9ZKv19rYwFGRkEflhZZqs.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

050e33914f9585a14cb2d973fb26abeabf592afd7dad8c051919047e585966ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 469493
x-cache: HIT
x-cache-hits: 35
x-ah-environment: prod
content-length: 313
x-request-id: v-210e89c2-9fe7-11ec-a473-13fdd2d6bb7b
last-modified: Wed, 23 Feb 2022 16:15:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6edaf8ff9f235ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/ 23 KB
5 KB 51ms
19ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 723471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4364
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-5cbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ij1LuZYfPSbt3grBbiYUgHGfERxXQMlw639Y8zYuJ658mrWqbKE4%2Flgzv2OnI1hOVRlOcaa%2FflTlb4DrO0A%2B0wzTXGlE0oXJ%2FRrpxCfyiReCYemxf6dPx%2F9oNe9Utqu5nLvTaFwGm6CyNgT0vE%2BNCvM"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6edaf8ffda61695b-FRA
expires: Wed, 08 Mar 2023 03:44:56 GMT

GET
H2 200 css_GAicnP3bYJUEFa6ZPlbx0Cf9Uz7etRie94Rc-zPmnxI.css
www.mandiant.com/sites/default/files/css/ 143 KB
21 KB 29ms
28ms Stylesheet
text/css 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_GAicnP3bYJUEFa6ZPlbx0Cf9Uz7etRie94Rc-zPmnxI.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18089c9cfddb60950415ae993e56f1d027fd533edeb5189ef7845cfb33e69f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 722998
x-cache: HIT
x-cache-hits: 29
x-ah-environment: prod
content-length: 21738
x-request-id: v-c15c1956-9fd5-11ec-8c2e-2f7ed9a087e9
last-modified: Wed, 09 Mar 2022 18:17:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6edaf8ff9f245ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
www.mandiant.com/sites/default/files/css/ 261 KB
31 KB 27ms
27ms Stylesheet
text/css 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

324f5cf9dbfef7a2e0c9cecd227f7ca03511b7e305c9026ec775cfa4a986890a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 725260
x-cache: HIT
x-cache-hits: 9
x-ah-environment: prod
content-length: 31366
x-request-id: v-214eb464-9fd5-11ec-a515-3797c6d35771
last-modified: Wed, 09 Mar 2022 18:17:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6edaf8ff9f255ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 mndt-gen-tall-bg.jpg
www.mandiant.com/sites/default/files/2021-09/ 6 KB
6 KB 395ms
394ms Image
image/jpeg 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/2021-09/mndt-gen-tall-bg.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

185fd25b606e486fb8bec09f4a0f2e58bce5d9b140d4c6c19637758373d0cb05

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
x-cache-hits: 108
x-ah-environment: prod
content-length: 5790
x-request-id: v-cafec3c4-9fde-11ec-bcf9-77ffff8c0ced
last-modified: Mon, 27 Sep 2021 18:09:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6edaf8ffff6c5ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 forms2.min.js Show response
www2.mandiant.com/js/forms2/js/ 205 KB
68 KB 104ms
25ms Script
application/x-javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.mandiant.com/js/forms2/js/forms2.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 07 Mar 2022 19:28:07 GMT
server: cloudflare
age: 85
etag: "361d30-3326e-5d9a5dd2b7fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 6edaf9006dde6997-FRA
expires: Fri, 18 Mar 2022 07:44:56 GMT

GET
H2 200 js_Y5nsztGvkDen52zdc5F3uPKrFl2vLnDXDfy-otA1RKg.js Show response
www.mandiant.com/sites/default/files/js/ 102 KB
35 KB 21ms
21ms Script
text/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/js/js_Y5nsztGvkDen52zdc5F3uPKrFl2vLnDXDfy-otA1RKg.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6399ecced1af9037a7e76cdd739177b8f2ab165daf2e70d70dfcbea2d03544a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 648038
x-cache: HIT
x-cache-hits: 5
x-ah-environment: prod
content-length: 35245
x-request-id: v-3d75142a-9fe0-11ec-9be8-1f40a60a4f53
last-modified: Mon, 07 Mar 2022 13:00:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6edaf8ffff645ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 910 B
993 B 131ms
46ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c47ca8c409b9420cec609887fa1db1d251be0377875bfddeb30c78c1b19a1e41

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 580
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 03:44:56 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 72 KB
26 KB 46ms
28ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 68821
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 01 Dec 2021 08:23:25 GMT
server: cloudflare
etag: W/"11ee2-5d2116348919c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 6edaf9001b259b25-FRA
cf-bgj: minify

GET
H2 200 js_IeOPnHELzTZcNK3nm2aFrevgNN7pyg4nbZfmW2J6PFE.js Show response
www.mandiant.com/sites/default/files/js/ 176 KB
56 KB 42ms
41ms Script
text/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/js/js_IeOPnHELzTZcNK3nm2aFrevgNN7pyg4nbZfmW2J6PFE.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21e38f9c710bcd365c34ade79b6685adebe034dee9ca0e276d97e65b627a3c51

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 725260
x-cache: HIT
x-cache-hits: 6
x-ah-environment: prod
content-length: 56915
x-request-id: v-254b9a14-9fd5-11ec-878f-ff5994944f0b
last-modified: Wed, 09 Mar 2022 18:17:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6edaf8ffff6a5ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 eb5srz Show response
consent.trustarc.com/v2/notice/ 68 KB
20 KB 39ms
13ms Script
text/javascript 13.225.80.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/v2/notice/eb5srz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-11.fra2.r.cloudfront.net

Software

openresty/1.15.8.2 /

Resource Hash

4aa634ff603b82270844bf4f7af48701d5d8b53685245b7b8aadeeaa7c737e79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:43:32 GMT
via: 1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
server: openresty/1.15.8.2
age: 84
vary: Accept-Encoding, Origin
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
content-encoding: gzip
x-amz-cf-id: riZ47ZAzPbeXn3VYarMqtZY8oqdu---ZwMVwk3SvjEmrTrU_EVm6Zg==

GET
H2 200 fontloader.built.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 7 KB
2 KB 27ms
27ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/fontloader.built.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b617a1a9d405a304eae1f3337639a1be619633a047ccac0a61d70cf2d2032e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 322301
x-cache: HIT
x-cache-hits: 59
x-ah-environment: prod
content-length: 2334
x-request-id: v-f91bd6ba-9fe9-11ec-9201-fbace669d786
last-modified: Wed, 09 Mar 2022 18:16:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6edaf8ffff6e5ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 Barlow-Regular.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 55 KB
55 KB 27ms
27ms Font
text/plain 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Regular.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f269cafacd48c650b7c76973b7192a4593125d9b957bfa3b57a89e835ec0df1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 25453
x-cache: MISS
x-ah-environment: prod
content-length: 56020
x-request-id: v-5ffea658-852f-11ec-bfb9-a3c5761841d1
last-modified: Wed, 02 Feb 2022 10:21:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6edaf9002f915ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 PTMono-Regular.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/mono/ 71 KB
71 KB 28ms
28ms Font
text/plain 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/mono/PTMono-Regular.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfaed587b938cc953c5008f257ed1e661e9d2e2f907bd5b520fc4b9348985a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 604489
x-cache: HIT
x-cache-hits: 88
x-ah-environment: prod
content-length: 72380
x-request-id: v-da32b81a-9407-11ec-8112-ffc30f6fe964
last-modified: Wed, 02 Feb 2022 10:05:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6edaf9002f925ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 MaterialIcons-Regular.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/material-icons/ 119 KB
119 KB 30ms
30ms Font
text/plain 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/material-icons/MaterialIcons-Regular.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bfd6c9f16e9a62258c555f8ee34be02350384ff1c233ec63581094f6943a34a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 328539
x-cache: HIT
x-cache-hits: 166
x-ah-environment: prod
content-length: 121680
x-request-id: v-0498fcf8-9fda-11ec-ae62-e78c83301b47
last-modified: Wed, 09 Mar 2022 18:16:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6edaf9002f935ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 incident.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 1023 B
604 B 27ms
26ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/incident.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d1049d86e454e70f1d3e650f3ec7dc009ebef2f7ec2e9f44b74cb290ed9e4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4
x-cache: HIT
x-cache-hits: 97
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-cc2faf6e-9ff3-11ec-ae93-83ed4f55885e
last-modified: Thu, 03 Feb 2022 17:26:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 6edaf9003f965ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 contact.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 716 B
529 B 28ms
27ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/contact.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ca72eec4efadc4587d29f2216ccd9cd54309463c74a5a3029b3dca9485f995a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 322253
x-cache: HIT
x-cache-hits: 19
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-870927da-9409-11ec-9507-c3cc6aed761f
last-modified: Thu, 03 Feb 2022 17:26:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 6edaf9003f975ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 support.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 4 KB
2 KB 32ms
32ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/support.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c82aa23b61483cc87f28ec6c4492a28c46dcb38bf471fd4a6ca40984ee6fb59e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 35316
x-cache: HIT
x-cache-hits: 18
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-74457df4-8f8d-11ec-88bc-cbed12305f5a
last-modified: Thu, 03 Feb 2022 17:26:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 6edaf9003f985ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 advantage-arrow.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 203 B
298 B 27ms
27ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/advantage-arrow.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f16edf69b3b38abc839a83da5041cb4b2ed08b54017faa471b4e2da1cc8393c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 652129
x-cache: HIT
x-cache-hits: 9
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-8705a574-9409-11ec-bf54-9b15f746c9a8
last-modified: Thu, 03 Feb 2022 17:26:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 6edaf9003f9b5ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 Barlow-Bold.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 56 KB
56 KB 29ms
28ms Font
text/plain 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Bold.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ec192b1be13b5eb7d11e7c8a0f1466ef236e4ba88182bb4cec76a2c7919464e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 630259
x-cache: HIT
x-cache-hits: 50
x-ah-environment: prod
content-length: 57572
x-request-id: v-86adaef0-9409-11ec-b165-3b27d8be16ab
last-modified: Wed, 02 Feb 2022 10:21:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6edaf900bffa5ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 Barlow-SemiBold.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 56 KB
57 KB 29ms
28ms Font
text/plain 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-SemiBold.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bb508d41bf1d0c5d56340c7df789b6589350a5f967e1fa937bee5c148d0cb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 630257
x-cache: HIT
x-cache-hits: 52
x-ah-environment: prod
content-length: 57764
x-request-id: v-3928b072-894f-11ec-8e00-6b6a29e9ac61
last-modified: Wed, 02 Feb 2022 10:21:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6edaf900bffe5ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 Barlow-Medium.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 55 KB
55 KB 29ms
29ms Font
text/plain 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Medium.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe3bfdac05de97234a1a81c7f09c87f14708cf7bd9a341a63e68613c3c6e40d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 595500
x-cache: HIT
x-cache-hits: 79
x-ah-environment: prod
content-length: 55968
x-request-id: v-874a742e-9409-11ec-9bdc-6f2dc15f6985
last-modified: Wed, 02 Feb 2022 10:05:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6edaf900b8025ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 getForm Show response
www2.mandiant.com/index.php/form/ 26 KB
6 KB 499ms
498ms Script
application/javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.mandiant.com/index.php/form/getForm?munchkinId=565-PEI-952&form=1015&url=https%3A%2F%2Fwww.mandiant.com%2Freport-incident&callback=jQuery112407637318858183311_1647575095854&_=1647575095855

Requested by

Host: www2.mandiant.com
URL: https://www2.mandiant.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3df45cf82b76f3b92477cd9dc9e9e3f29e20cb5b02536aee0fd9878abb11a253

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cf-ray: 6edaf9017e9d6997-FRA
cached: false

GET
H2 200 974.bundle.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 9 KB
3 KB 31ms
31ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/974.bundle.js?0931c5

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_IeOPnHELzTZcNK3nm2aFrevgNN7pyg4nbZfmW2J6PFE.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3db2a9223644ed048da912927deafff6534b8f5e59d3bdbd5abcc87fa489cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 725258
x-cache: HIT
x-cache-hits: 6
x-ah-environment: prod
content-length: 2659
x-request-id: v-25646814-9fd5-11ec-8f90-e727f5237f64
last-modified: Wed, 09 Mar 2022 18:16:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6edaf901c8e35ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 416.bundle.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 3 KB
1 KB 22ms
21ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/416.bundle.js?ca836e

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_IeOPnHELzTZcNK3nm2aFrevgNN7pyg4nbZfmW2J6PFE.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4694bfd9721d7d0e5378f47467ffebb3b4c991685daedb44351497de1285f822

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 609792
x-cache: HIT
x-cache-hits: 12
x-ah-environment: prod
content-length: 1233
x-request-id: v-86a4b8f4-9409-11ec-93dd-574b7a5eed01
last-modified: Thu, 03 Feb 2022 17:26:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6edaf901c8e45ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 404.bundle.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 406 B
412 B 21ms
21ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/404.bundle.js?2c5f80

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_IeOPnHELzTZcNK3nm2aFrevgNN7pyg4nbZfmW2J6PFE.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2cb383a30bee467e40ecebb49e4229b1b57efcc2c7632c921cd170a75c74d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 940798
x-cache: HIT
x-cache-hits: 16
x-ah-environment: prod
content-length: 263
x-request-id: v-d4ece9e6-9058-11ec-ac6f-db3eff79a60c
last-modified: Wed, 02 Feb 2022 10:21:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6edaf901c8e65ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 cta-arrow_wh.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 797 B
494 B 32ms
32ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/cta-arrow_wh.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b41500fe000181ac35010706ecfb436c300df5bdc66fa46f24c79e2dd334dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 322051
x-cache: HIT
x-cache-hits: 16
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-3d5ebf5c-9416-11ec-b53d-6378fe28e3f8
last-modified: Wed, 16 Feb 2022 23:12:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 6edaf901c8e85ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ 360 KB
143 KB 124ms
36ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mandiant.com/
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 17:06:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145350
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 17:06:02 GMT

GET
H2 200 sm.23.html Show response
static.addtoany.com/menu/ Frame D229 741 B
554 B 16ms
15ms Document
text/html 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.23.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
content-type: text/html; charset=utf-8
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
last-modified: Wed, 22 Sep 2021 23:42:51 GMT
etag: W/"2e5-5cc9e128a4c38"
cache-control: max-age=315360000, immutable
vary: Accept-Encoding
via: e4s
cf-cache-status: HIT
age: 2061878
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6edaf901ec639b25-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 138ms
48ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/v2/notice/eb5srz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e5e148a6482560efb2b4727dc197aec735495698a07578b5801814f869f72a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 02:45:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 03:44:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 03:44:56 GMT

GET
H2 200 ic-error.svg
consent.trustarc.com/v2/asset/ 5 KB
1 KB 10ms
7ms Image
image/svg+xml 13.225.80.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/v2/asset/ic-error.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-11.fra2.r.cloudfront.net

Software

openresty/1.15.8.2 /

Resource Hash

5ea56ed1ed92d89dd6e8a23316891c8af7cd2150977d2e8431bd0e97c0cf5282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Fri, 18 Mar 2022 02:47:13 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2019 06:14:12 GMT
server: openresty/1.15.8.2
age: 3469
vary: Accept-Encoding, Origin
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
via: 1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: J7-FFHlno80scWubWKHX4847GRX46ygapqwsgbO5HeEaU63lYzaQtA==

GET
H2 200 ic-close-white.svg
consent.trustarc.com/v2/asset/ 7 KB
2 KB 10ms
7ms Image
image/svg+xml 13.225.80.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/v2/asset/ic-close-white.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-11.fra2.r.cloudfront.net

Software

openresty/1.15.8.2 /

Resource Hash

da0d9dec187414eaac184877e362bfd09ac956b2ab490b6adbb525af80fb3d6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Fri, 18 Mar 2022 02:47:13 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2019 06:14:09 GMT
server: openresty/1.15.8.2
age: 3514
vary: Accept-Encoding, Origin
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
via: 1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: cjqVlGxRsky6b9CZ75tm-j_IyL3nUAyRK6vVgBCYl4UDYMyQ_blkhA==

GET
H2 200 ic-close.svg
consent.trustarc.com/v2/asset/ 6 KB
1 KB 10ms
7ms Image
image/svg+xml 13.225.80.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/v2/asset/ic-close.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-11.fra2.r.cloudfront.net

Software

openresty/1.15.8.2 /

Resource Hash

78060c93ee6a407478d39e1e16807b576ea320f5641a34d5f043c7de399a418e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Fri, 18 Mar 2022 03:15:21 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2019 06:14:11 GMT
server: openresty/1.15.8.2
age: 2358
vary: Accept-Encoding, Origin
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
via: 1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: O6talrj9a1cufbzctBBLt5RiZxsZ6ky-J0wWNz2K3em5o46D0Pq53w==

GET
H2 200 trustarc-logo-xs.svg
consent.trustarc.com/v2/asset/ 3 KB
2 KB 9ms
8ms Image
image/svg+xml 13.225.80.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/v2/asset/trustarc-logo-xs.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-11.fra2.r.cloudfront.net

Software

openresty/1.15.8.2 /

Resource Hash

fad03d5343f00671f67d8e92a6c1e243f4b45e4f7a09d11c6d170665ae52d03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Fri, 18 Mar 2022 03:35:21 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 02:29:33 GMT
server: openresty/1.15.8.2
age: 841
vary: Accept-Encoding, Origin
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
via: 1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 7xKkraQT_LGOHULx2FwrDjKVSkO8LgSNKWOqaYh4QnquyWfNcjjlAg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 340 KB
91 KB 160ms
74ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/google_tag/google_tag_manager/google_tag.script.js?r8uivb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

119af0bf44f37cac77c84cc71412cf67dabc4b3aa80a1aec1276da93a2e9b258

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92796
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Mar 2022 03:44:56 GMT

GET
H2 200 arrow.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 231 B
469 B 21ms
21ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/arrow.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fb5773c79513b946ce84fd7a066040235e6eb5855549404f2a8bd361e3840bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 604006
x-cache: HIT
x-cache-hits: 45
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-8704b04c-9409-11ec-9bc3-73234070dfe2
last-modified: Wed, 02 Feb 2022 10:21:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 6edaf902494d5ca4-FRA
expires: Fri, 01 Apr 2022 03:44:56 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ 13 KB
13 KB 129ms
37ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 18:03:30 GMT
x-content-type-options: nosniff
age: 121286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:39:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Mar 2023 18:03:30 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 172 KB
63 KB 104ms
58ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

699864cc05e3c83d1734ff3135c59b9112c33d81e9f1379b7cb2f0b9b5103c71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64583
x-xss-protection: 0
expires: Fri, 18 Mar 2022 03:44:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 123ms
39ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 607
date: Fri, 18 Mar 2022 03:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 18 Mar 2022 05:34:50 GMT

GET
H2 200 9733b1e1169991b694a1ddb4dc45463acc83618f.js Show response
my.hellobar.com/ 32 KB
6 KB 71ms
21ms Script
text/javascript 2606:4700:10::6816:f17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/9733b1e1169991b694a1ddb4dc45463acc83618f.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:f17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3e65e18000f7b0898d293c4d9aa7513faa97071bb50df04bc8d51cdff2b5342

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Mar 2022 16:28:52 GMT
server: cloudflare
age: 4
etag: W/"cdbb37942a28cf8a6d51fa412508c078"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10
cf-ray: 6edaf90429a0916a-FRA
x-amz-request-id: 56ZNA4EA4H16S30T
x-amz-id-2: sXymHcVNBQauk27/ilUCjfZPEDtVLgutuYbpv6fzN9LHEVxtDafQfgQA2+POiCNIo23MfTn2dl8=
cf-bgj: minify

GET
H2 200 modules.js Show response
my.hellobar.com/ 252 KB
73 KB 26ms
26ms Script
text/javascript 2606:4700:10::6816:f17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/modules.js
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/9733b1e1169991b694a1ddb4dc45463acc83618f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:f17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2395587b59ce0608e44178cf25dc89e77636ff7034e6eb28430d04c72b9b8c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2810
cf-polished: origSize=257872
x-amz-request-id: GRZHP8KHSGY7EE1Y
x-amz-id-2: Cu8YLeb/zsznIUDPjEqaxNTPvv0Xytk0dTom5VyLJ7aseobLYs78hEYqj/b/a/6ijUN6qKKLoYA=
last-modified: Fri, 11 Mar 2022 08:55:53 GMT
server: cloudflare
etag: W/"da9622a93875ff25e8857638876adf06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 6edaf90459ba916a-FRA
cf-bgj: minify

GET
H2 200 forms2.css
www2.mandiant.com/js/forms2/css/ 13 KB
3 KB 24ms
23ms Stylesheet
text/css 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.mandiant.com/js/forms2/css/forms2.css

Requested by

Host: www2.mandiant.com
URL: https://www2.mandiant.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 85
content-length: 2623
last-modified: Mon, 07 Mar 2022 19:28:07 GMT
server: cloudflare
etag: "21805ba-3437-5d9a5dd2b7fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6edaf904c91e6997-FRA
expires: Fri, 18 Mar 2022 07:44:57 GMT

GET
H2 200 forms2-theme-simple.css
www2.mandiant.com/js/forms2/css/ 826 B
533 B 28ms
27ms Stylesheet
text/css 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.mandiant.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: www2.mandiant.com
URL: https://www2.mandiant.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 85
content-length: 242
last-modified: Mon, 07 Mar 2022 19:28:07 GMT
server: cloudflare
etag: "21805b7-33a-5d9a5dd2b7fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6edaf904c9206997-FRA
expires: Fri, 18 Mar 2022 07:44:57 GMT

GET
H2 200 getKnownLead Show response
www2.mandiant.com/index.php/form/ 188 B
430 B 436ms
436ms Script
application/javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.mandiant.com/index.php/form/getKnownLead?form=1015&lpId=&munchkinId=565-PEI-952&filledFields=true&mkt_tok=NTY1LVBFSS05NTIAAAGDN3DeE9vzZ83eY9eH-F8I9rxK_B4XNj7zXBjigrP2q7CmKLZDEH2vfUhVfplSYwi7DH1J0cb-GPlTVIS5fmjmy9cxNH6Psg2U_RvQwdn0&callback=jQuery112407637318858183311_1647575095854&_=1647575095856

Requested by

Host: www2.mandiant.com
URL: https://www2.mandiant.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3a40736148a83e51dada811fcd9b0c96a1f8aaf7250fbe9949ca86b14970810

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=utf-8
cf-ray: 6edaf904c9236997-FRA

GET
DATA 200
OK truncated
/ Frame D026 1 KB
1 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74d1f7e06069feded1f0c7c2c8a35b5c5194f66ff98d7b4309446effd0495728

Request headers

Referer
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H3 200 css
fonts.googleapis.com/ Frame D026 664 B
356 B 102ms
55ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: my.hellobar.com
URL: https://my.hellobar.com/modules.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 02:46:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 03:44:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 03:44:57 GMT

GET
H2 200 RigAmohdU9MTvmVZd0rlHdmJRPzeJ586-zGreMZj66
hi.hellobar.com/v/Vuhjsi7WCl5l0siTg1GzmSj-_iLpS/ 35 B
359 B 673ms
624ms Image
image/gif 2600:9000:20eb:9600:1b:45dc:7080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.hellobar.com/v/Vuhjsi7WCl5l0siTg1GzmSj-_iLpS/RigAmohdU9MTvmVZd0rlHdmJRPzeJ586-zGreMZj66?t=1647575096&v=8c4a8dda-7c79-4be1-bb30-c29548201196&f=i&s=bcb4e7f4178eb29b4690ef10bd99cea1f0be6e5f7b6e24119879fb9ee8b3f63714cc770232febd2aae4387b86defe45c465beeaa6204a9838f496fe6bec02215
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGDN3DeE9vzZ83eY9eH-F8I9rxK_B4XNj7zXBjigrP2q7CmKLZDEH2vfUhVfplSYwi7DH1J0cb-GPlTVIS5fmjmy9cxNH6Psg2U_RvQwdn0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9600:1b:45dc:7080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 14:20:21 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Tue, 10 Apr 2018 13:15:02 GMT
server: AmazonS3
age: 48278
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Error from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 35
x-amz-cf-id: t6FUHbKv9h4B8LQBxloLR2t8DuzsLcRZ9Y9cPQzmurG8mmB9dc__2g==

GET
H2 200 google-cloud-22px.png
www.mandiant.com/sites/default/files/2022-03/ Frame D026 2 KB
2 KB 21ms
21ms Image
image/png 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/2022-03/google-cloud-22px.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d9ba14f6b6a19689abbf49bd5b8b03413896d8557a1cc641128334b429b8f36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:57 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 803796
x-cache: HIT
x-cache-hits: 44
x-ah-environment: prod
content-length: 1708
x-request-id: v-cca59b00-9f19-11ec-ac3d-2f1626fbeab4
last-modified: Tue, 08 Mar 2022 19:55:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6edaf9053bb25ca4-FRA
expires: Fri, 01 Apr 2022 03:44:57 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame D026 23 KB
23 KB 86ms
40ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 116067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:30 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame BFE7 0
0 131ms
79ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=jru1hbwvk4yc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-L0NwMe49DI1u5F814bgMsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 18 Mar 2022 03:44:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-L0NwMe49DI1u5F814bgMsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22664
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 2884 0
0 101ms
61ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=compact&cb=amvg4f92spjo

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w6bd6Qwfcjbmg5ZOiGCtSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 18 Mar 2022 03:44:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-w6bd6Qwfcjbmg5ZOiGCtSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22675
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 XDFrame Show response
www2.mandiant.com/index.php/form/ Frame 51A0 2 KB
943 B 121ms
121ms Document
text/html 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.mandiant.com/index.php/form/XDFrame

Requested by

Host: www2.mandiant.com
URL: https://www2.mandiant.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13a35f6809ebd06635401be41681b52dd7f36d45fd6624e75ab5ce909419d427

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

date: Fri, 18 Mar 2022 03:44:57 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=3600
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6edaf9081b816997-FRA
content-encoding: gzip

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 1FF3 43 KB
22 KB 59ms
58ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=jru1hbwvk4yc

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_Y5nsztGvkDen52zdc5F3uPKrFl2vLnDXDfy-otA1RKg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fa961cf1b1a7fd905331ec9f2b6ac4756ccd48803110b9c06cceab0bb8216d43

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d0Q0CG0qUIdJdnu0PV9fkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 18 Mar 2022 03:44:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-d0Q0CG0qUIdJdnu0PV9fkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22711
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame C0F8 43 KB
22 KB 55ms
55ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=compact&cb=amvg4f92spjo

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_Y5nsztGvkDen52zdc5F3uPKrFl2vLnDXDfy-otA1RKg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0ba8fab6718f334e21f6aae9018411243643201facbdcb157dbad5d85847f011

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7AQFp6O9Y+y3CDudSB8JUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 18 Mar 2022 03:44:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-7AQFp6O9Y+y3CDudSB8JUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22691
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 94ms
47ms Ping
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-X6642ZTDJ7&gtm=2oe3e0&_p=1519623269&sr=1600x1200&gcs=G100&ul=en-us&cid=1397003064.1647575097&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Freport-incident%3Fmkt_tok%3DNTY1LVBFSS05NTIAAAGDN3DeE9vzZ83eY9eH-F8I9rxK_B4XNj7zXBjigrP2q7CmKLZDEH2vfUhVfplSYwi7DH1J0cb-GPlTVIS5fmjmy9cxNH6Psg2U_RvQwdn0&dr=https%3A%2F%2Fpages.mandiant.com%2F&dt=Incident%20Response%20Services%20%7C%20Incident%20%26%20Security%20Breach%20Support&sid=1647575096&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 03:44:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandiant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 86ms
40ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1519623269&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Freport-incident%3Fmkt_tok%3DNTY1LVBFSS05NTIAAAGDN3DeE9vzZ83eY9eH-F8I9rxK_B4XNj7zXBjigrP2q7CmKLZDEH2vfUhVfplSYwi7DH1J0cb-GPlTVIS5fmjmy9cxNH6Psg2U_RvQwdn0&dr=https%3A%2F%2Fpages.mandiant.com%2F&ul=en-us&de=UTF-8&dt=Incident%20Response%20Services%20%7C%20Incident%20%26%20Security%20Breach%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHAAgAABE~&cid=1397003064.1647575097&tid=UA-203244293-1&_gid=989996395.1647575097&gtm=2wg3e0T72STLD&cg1=null&cg2=report-incident%3Fmkt_tok%3DNTY1LVBFSS05NTIAAAGDN3DeE9vzZ83eY9eH-F8I9rxK_B4XNj7zXBjigrP2q7CmKLZDEH2vfUhVfplSYwi7DH1J0cb-GPlTVIS5fmjmy9cxNH6Psg2U_RvQwdn0&cd2=Pageview&cd3=1647575096247.0r2arkom&cd4=2022-03-18T03%3A44%3A56.247%2B00%3A00&cd5=https%3A%2F%2Fpages.mandiant.com%2F&cd15=null&cd16=null&gcs=G100&cd1=1397003064.1647575097&z=510491905

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 21:05:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23987
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 85ms
39ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1519623269&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Freport-incident%3Fmkt_tok%3DNTY1LVBFSS05NTIAAAGDN3DeE9vzZ83eY9eH-F8I9rxK_B4XNj7zXBjigrP2q7CmKLZDEH2vfUhVfplSYwi7DH1J0cb-GPlTVIS5fmjmy9cxNH6Psg2U_RvQwdn0&dr=https%3A%2F%2Fpages.mandiant.com%2F&ul=en-us&de=UTF-8&dt=Incident%20Response%20Services%20%7C%20Incident%20%26%20Security%20Breach%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=trustarc&ea=banner_served&_u=aHgAgAABE~&cid=1397003064.1647575097&tid=UA-203244293-1&_gid=630030483.1647575097&gtm=2wg3e0T72STLD&cg1=null&cg2=report-incident%3Fmkt_tok%3DNTY1LVBFSS05NTIAAAGDN3DeE9vzZ83eY9eH-F8I9rxK_B4XNj7zXBjigrP2q7CmKLZDEH2vfUhVfplSYwi7DH1J0cb-GPlTVIS5fmjmy9cxNH6Psg2U_RvQwdn0&cd3=1647575096269.seadv1vx&cd4=2022-03-18T03%3A44%3A56.269%2B00%3A00&cd5=https%3A%2F%2Fpages.mandiant.com%2F&cd15=null&cd16=null&gcs=G100&cd1=1397003064.1647575097&z=563741198

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 21:05:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23987
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame C0F8 51 KB
24 KB 81ms
37ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=compact&cb=amvg4f92spjo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 16:09:01 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame C0F8 360 KB
142 KB 118ms
74ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 17:06:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145350
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 17:06:02 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 1FF3 51 KB
24 KB 81ms
39ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 16:09:01 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 1FF3 360 KB
142 KB 129ms
88ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 17:06:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145350
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 17:06:02 GMT

GET
H2 200 forms2.min.js Show response
www2.mandiant.com/js/forms2/js/ Frame 51A0 205 KB
68 KB 22ms
22ms Script
application/x-javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.mandiant.com/js/forms2/js/forms2.min.js

Requested by

Host: www2.mandiant.com
URL: https://www2.mandiant.com/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www2.mandiant.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 07 Mar 2022 19:28:07 GMT
server: cloudflare
age: 86
etag: "361d30-3326e-5d9a5dd2b7fc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 6edaf908ec326997-FRA
expires: Fri, 18 Mar 2022 07:44:57 GMT

GET
DATA 200
OK truncated
/ Frame 1FF3 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1FF3 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1FF3 2 KB
2 KB 41ms
41ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 03:05:30 GMT
x-content-type-options: nosniff
age: 175168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 23 Mar 2022 03:05:30 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1FF3 15 KB
15 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 211097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Mar 2023 17:06:41 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame C0F8 102 B
134 B 49ms
48ms Other
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5061cb0765c3ab9721b8e26bdfaba5819a1f14b27fc3d93b2809a1c83056277f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=compact&cb=amvg4f92spjo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 03:44:58 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 1FF3 102 B
134 B 52ms
52ms Other
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5061cb0765c3ab9721b8e26bdfaba5819a1f14b27fc3d93b2809a1c83056277f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&size=normal&cb=jru1hbwvk4yc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 03:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 03:44:58 GMT

GET
H2 200 nr-1215.min.js Show response
js-agent.newrelic.com/ 36 KB
14 KB 35ms
6ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1215.min.js
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGDN3DeE9vzZ83eY9eH-F8I9rxK_B4XNj7zXBjigrP2q7CmKLZDEH2vfUhVfplSYwi7DH1J0cb-GPlTVIS5fmjmy9cxNH6Psg2U_RvQwdn0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: mrZZlI3m.d3cabi4HqLBBkr4pQ2c77UF
content-encoding: gzip
etag: "615035bb6557b191e767e19087efabaf"
x-amz-request-id: KNQANJ80E1FN269S
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 13666
x-amz-id-2: Sh7Cvgr73BCiIvDckzmjAEf2cpIK5DZv0A+WUvfdZOgdwJ+pzJ+ZWgZWebtdJVA9Hc4VrUkcvoQ=
x-served-by: cache-hhn4077-HHN
last-modified: Mon, 24 Jan 2022 22:13:53 GMT
server: AmazonS3
x-timer: S1647575098.135508,VS0,VE0
date: Fri, 18 Mar 2022 03:44:58 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6090

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 6426 7 KB
1 KB 49ms
48ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e45ec73661b889a7a06efd08e8535e925d48b9822239c50e494e0b48259bbbb2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d/PBbze/vUkscWGqNWSfOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 18 Mar 2022 03:44:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-d/PBbze/vUkscWGqNWSfOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1519623269&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Freport-incident%3Fmkt_tok%3DNTY1LVBFSS05NTIAAAGDN3DeE9vzZ83eY9eH-F8I9rxK_B4XNj7zXBjigrP2q7CmKLZDEH2vfUhVfplSYwi7DH1J0cb-GPlTVIS5fmjmy9cxNH6Psg2U_RvQwdn0&dr=https%3A%2F%2Fpages.mandiant.com%2F&ul=en-us&de=UTF-8&dt=Incident%20Response%20Services%20%7C%20Incident%20%26%20Security%20Breach%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=page%20scroll&ea=25%25&el=%2Freport-incident&_u=aHgAgAABE~&cid=1397003064.1647575097&tid=UA-203244293-1&_gid=1910515332.1647575098&gtm=2wg3e0T72STLD&cg1=null&cg2=report-incident%3Fmkt_tok%3DNTY1LVBFSS05NTIAAAGDN3DeE9vzZ83eY9eH-F8I9rxK_B4XNj7zXBjigrP2q7CmKLZDEH2vfUhVfplSYwi7DH1J0cb-GPlTVIS5fmjmy9cxNH6Psg2U_RvQwdn0&cd2=Event&cd3=1647575097520.c20ki6sh&cd4=2022-03-18T03%3A44%3A57.520%2B00%3A00&cd5=https%3A%2F%2Fpages.mandiant.com%2F&cd6=1015&cd13=Incident%20Response&cd15=null&cd16=null&gcs=G100&cd1=1397003064.1647575097&z=743719568

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Mar 2022 21:05:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23988
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame E1EB 7 KB
1 KB 50ms
50ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0773c0b8feddac184e2689950ad682a809560332530b55f9228346204be95e8d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GYrntXcxNiY7y5/MjLlBiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 18 Mar 2022 03:44:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-GYrntXcxNiY7y5/MjLlBiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK NRJS-890ead692fb1e944fb6 Show response
bam.nr-data.net/1/ 57 B
322 B 430ms
107ms Script
text/javascript 162.247.242.31
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-890ead692fb1e944fb6?a=1404479750&v=1215.1253ab8&to=YlRVYERZV0ZSWhINX1sedldCUVZbHH0UEUBUXWtaWVxcaXBWCBBCWl1bUURkd1pXXDANVUJyWFpCSlZZX1wUSQ5DWFJD&rst=3004&ck=1&ref=https://www.mandiant.com/report-incident&ap=300&be=1045&fe=2888&dc=1420&perf=%7B%22timing%22:%7B%22of%22:1647575094530,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:2,%22c%22:2,%22s%22:15,%22ce%22:244,%22rq%22:244,%22rp%22:1022,%22rpe%22:1023,%22dl%22:1026,%22di%22:1420,%22ds%22:1420,%22de%22:1446,%22dc%22:2888,%22l%22:2888,%22le%22:2891%7D,%22navigation%22:%7B%7D%7D&fp=1116&fcp=1116&at=ThNWFgxDREg%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1215.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.31 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: service.newrelic.co.uk
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 6426 51 KB
24 KB 37ms
36ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 16:09:01 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 6426 360 KB
142 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 17:06:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145350
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 17:06:02 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame E1EB 51 KB
24 KB 37ms
36ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 16:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 300957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 16:09:01 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame E1EB 360 KB
142 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=zLD1nfkNCJC1kEswSRdSyd-p&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 17:06:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145350
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 17:06:02 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pages.mandiant.com/	1969-12-31 23:59:59	Name: BIGipServerab_mailtracking_80 Value: !7TMlOuQWbrbWuHfaQbCLRqc3TBcuirGScJY9GJrTxCtXD+oZ6liGAbwXC4Sbxzv/EZK3binStWpYL9g=
.pages.mandiant.com/	1970-01-20 01:39:36	Name: __cf_bm Value: NwyQpgnSCwhaEsX0pSTQw3Vy9w03GMMyKNIFjaJtysc-1647575095-0-ATJZ2xObAjgcaLxxERLH7vMj1uOSNcyTDDVShvrf5y/mb15Abw+n3dUs0B8U635PqcaYnk8tWlCbr3H0bu3tA7E=
.mandiant.com/	1970-01-20 01:39:36	Name: __cf_bm Value: El2rm.NzsF1BV6GndXqVEu4EoB4dBYObSAlxImKeeWU-1647575096-0-AbBtzIUxgavFf6WWMZASqfESvG4nTkhbP4CyPlSVj0QduQbnOnm5nR/Ox4Au2DbD0e1tI5v4Pm08l69yi78pY3A=
www2.mandiant.com/	1969-12-31 23:59:59	Name: BIGipServerab24web-nginx-app_https Value: !OD96rDjtIWdVZdLaQbCLRqc3TBcuij9qoVawkpbgyhR5cFNoMcDYiexiHuXFiATx3F5LMlJ7cn1DT7g=
.www2.mandiant.com/	1970-01-20 01:39:36	Name: __cf_bm Value: C.PDbn.qRvGC4k86Q6VbDIf_5ugHFzTttmaXMZsU5PA-1647575097-0-AY8/ViureY+y/k+ZoWGFKMg1VGHVyIvHYmBrgr0gFtwzzRDZjO412sw9uKVHvMHru37Ym7U6corHpMb2Spfkht4=
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 8b5cf918129d49fc

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdnjs.cloudflare.com
consent.trustarc.com
fonts.googleapis.com
fonts.gstatic.com
hi.hellobar.com
js-agent.newrelic.com
my.hellobar.com
pages.mandiant.com
static.addtoany.com
www.fireeye.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.mandiant.com
www2.mandiant.com
104.17.73.206
104.17.74.206
13.225.80.11
151.101.2.137
162.247.242.31
2600:9000:20eb:9600:1b:45dc:7080:93a1
2606:4700:10::6816:46c5
2606:4700:10::6816:f17
2606:4700:300b::a29f:f07d
2606:4700:300b::a29f:f67d
2606:4700::6810:125e
2a00:1450:4001:800::200e
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:812::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2008
050e33914f9585a14cb2d973fb26abeabf592afd7dad8c051919047e585966ab
05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d
0773c0b8feddac184e2689950ad682a809560332530b55f9228346204be95e8d
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0b617a1a9d405a304eae1f3337639a1be619633a047ccac0a61d70cf2d2032e4
0ba8fab6718f334e21f6aae9018411243643201facbdcb157dbad5d85847f011
0d1049d86e454e70f1d3e650f3ec7dc009ebef2f7ec2e9f44b74cb290ed9e4d6
119af0bf44f37cac77c84cc71412cf67dabc4b3aa80a1aec1276da93a2e9b258
13a35f6809ebd06635401be41681b52dd7f36d45fd6624e75ab5ce909419d427
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
18089c9cfddb60950415ae993e56f1d027fd533edeb5189ef7845cfb33e69f12
18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb
185fd25b606e486fb8bec09f4a0f2e58bce5d9b140d4c6c19637758373d0cb05
1b41500fe000181ac35010706ecfb436c300df5bdc66fa46f24c79e2dd334dd4
1b9600459bb5ec64940c2d27208bf4f9fffdde86a99b1cb3c0d12b1ff7fb8ba1
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bb508d41bf1d0c5d56340c7df789b6589350a5f967e1fa937bee5c148d0cb0d
21e38f9c710bcd365c34ade79b6685adebe034dee9ca0e276d97e65b627a3c51
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2d9ba14f6b6a19689abbf49bd5b8b03413896d8557a1cc641128334b429b8f36
2e0ed76abb41fa686f5d2b3a7c439c04a7e8823635001c0d3bd653bf7a9a953e
324f5cf9dbfef7a2e0c9cecd227f7ca03511b7e305c9026ec775cfa4a986890a
3df45cf82b76f3b92477cd9dc9e9e3f29e20cb5b02536aee0fd9878abb11a253
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4694bfd9721d7d0e5378f47467ffebb3b4c991685daedb44351497de1285f822
4aa634ff603b82270844bf4f7af48701d5d8b53685245b7b8aadeeaa7c737e79
4bfd6c9f16e9a62258c555f8ee34be02350384ff1c233ec63581094f6943a34a
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
5061cb0765c3ab9721b8e26bdfaba5819a1f14b27fc3d93b2809a1c83056277f
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0
5ea56ed1ed92d89dd6e8a23316891c8af7cd2150977d2e8431bd0e97c0cf5282
6399ecced1af9037a7e76cdd739177b8f2ab165daf2e70d70dfcbea2d03544a8
699864cc05e3c83d1734ff3135c59b9112c33d81e9f1379b7cb2f0b9b5103c71
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
74d1f7e06069feded1f0c7c2c8a35b5c5194f66ff98d7b4309446effd0495728
78060c93ee6a407478d39e1e16807b576ea320f5641a34d5f043c7de399a418e
7b7eb2b28fbf8ad29058540ee28e8b49701e0e47351ff25d3b688fcef9b2a88a
7e5e148a6482560efb2b4727dc197aec735495698a07578b5801814f869f72a9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8fb5773c79513b946ce84fd7a066040235e6eb5855549404f2a8bd361e3840bf
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9ca72eec4efadc4587d29f2216ccd9cd54309463c74a5a3029b3dca9485f995a
9ec192b1be13b5eb7d11e7c8a0f1466ef236e4ba88182bb4cec76a2c7919464e
9ee33831b0f69f4fd2300024df8f2488a4a7a4093cfcc5e28062e128308478f9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3e65e18000f7b0898d293c4d9aa7513faa97071bb50df04bc8d51cdff2b5342
b2cb383a30bee467e40ecebb49e4229b1b57efcc2c7632c921cd170a75c74d24
b3a40736148a83e51dada811fcd9b0c96a1f8aaf7250fbe9949ca86b14970810
b7aaea908b866c1619b9bf156a002c22b717a771bf22d9a2965151f9cf969670
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c2395587b59ce0608e44178cf25dc89e77636ff7034e6eb28430d04c72b9b8c3
c47ca8c409b9420cec609887fa1db1d251be0377875bfddeb30c78c1b19a1e41
c82aa23b61483cc87f28ec6c4492a28c46dcb38bf471fd4a6ca40984ee6fb59e
da0d9dec187414eaac184877e362bfd09ac956b2ab490b6adbb525af80fb3d6a
dfaed587b938cc953c5008f257ed1e661e9d2e2f907bd5b520fc4b9348985a88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3db2a9223644ed048da912927deafff6534b8f5e59d3bdbd5abcc87fa489cb1
e45ec73661b889a7a06efd08e8535e925d48b9822239c50e494e0b48259bbbb2
f16edf69b3b38abc839a83da5041cb4b2ed08b54017faa471b4e2da1cc8393c1
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
f269cafacd48c650b7c76973b7192a4593125d9b957bfa3b57a89e835ec0df1f
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fa961cf1b1a7fd905331ec9f2b6ac4756ccd48803110b9c06cceab0bb8216d43
fad03d5343f00671f67d8e92a6c1e243f4b45e4f7a09d11c6d170665ae52d03e
fe3bfdac05de97234a1a81c7f09c87f14708cf7bd9a341a63e68613c3c6e40d6

www.mandiant.com Open in urlscan Pro 2606:4700:300b::a29f:f07d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

100 %HTTPS

71 %IPv6

13 Domains

17 Subdomains

18 IPs

3 Countries

1979 kBTransfer

4901 kBSize

6 Cookies

14 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.mandiant.com Open in urlscan Pro
2606:4700:300b::a29f:f07d Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

100 %
HTTPS

71 %
IPv6

13
Domains

17
Subdomains

18
IPs

3
Countries

1979 kB
Transfer

4901 kB
Size

6
Cookies

79 HTTP transactions
3 data transactions