urlscan.io logo urlscan.io
SecurityTrails logo

www.mandiant.com Open in urlscan Pro
2606:4700:300b::a29f:f07d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.mandiant.com/apt1.
Effective URL: https://www.mandiant.com/apt1.
Submission: On November 20 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 4 countries across 23 domains to perform 82 HTTP transactions. The main IP is 2606:4700:300b::a29f:f07d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mandiant.com. The Cisco Umbrella rank of the primary domain is 881166.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 2nd 2024. Valid for: 10 months.
This is the only time www.mandiant.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 28 2606:4700:300... 13335 (CLOUDFLAR...)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 142.250.186.35 15169 (GOOGLE)
6 216.58.206.68 15169 (GOOGLE)
3 172.67.39.148 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 146.75.120.157 54113 (FASTLY)
1 2a02:26f0:480... 20940 (AKAMAI-AS...)
2 157.240.252.13 32934 (FACEBOOK)
3 2620:1ec:33:2... 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.102.106 16509 (AMAZON-02)
2 104.102.43.106 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 54.164.183.91 14618 (AMAZON-AES)
1 172.66.0.227 13335 (CLOUDFLAR...)
1 104.244.42.131 13414 (TWITTER)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 52.222.236.74 16509 (AMAZON-02)
2 157.240.251.35 32934 (FACEBOOK)
1 192.28.144.124 15224 (OMNITURE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.131 15169 (GOOGLE)
9 2.18.64.90 20940 (AKAMAI-AS...)
2 142.250.184.238 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-AS...)
82 30
28    2606:4700:300b::a29f:f07d (United States)

ASN13335 (CLOUDFLARENET, US)
www.mandiant.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
www.gstatic.com
6    216.58.206.68 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f4.1e100.net
www.google.com
3    172.67.39.148 (United States)

ASN13335 (CLOUDFLARENET, US)
static.addtoany.com
3    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2a02:26f0:480:15::213:7e4a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
snap.licdn.com
2    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
3    2620:1ec:33:2::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.66.102.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-106.fra56.r.cloudfront.net
static.hotjar.com
2    104.102.43.106 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-43-106.deploy.static.akamaitechnologies.com
munchkin.marketo.net
1    2606:4700::6810:4769 (United States)

ASN13335 (CLOUDFLARENET, US)
scout-cdn.salesloft.com
2    54.164.183.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-183-91.compute-1.amazonaws.com
scout.salesloft.com
1    172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)
t.co
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net
script.hotjar.com
2    157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com
www.facebook.com
1    192.28.144.124 (United States)

ASN15224 (OMNITURE, US)
565-pei-952.mktoresp.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.it
2    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
fonts.gstatic.com
9    2.18.64.90 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-18-64-90.deploy.static.akamaitechnologies.com
j.6sc.co
c.6sc.co
b.6sc.co
2    142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net
www.google-analytics.com
1    2a02:26f0:480:22::1726:62ee (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
ipv6.6sc.co
Apex Domain
Subdomains		 Transfer
28 mandiant.com
www.mandiant.com — Cisco Umbrella Rank: 881166
940 KB
10 6sc.co
j.6sc.co — Cisco Umbrella Rank: 5557
c.6sc.co — Cisco Umbrella Rank: 6739
ipv6.6sc.co — Cisco Umbrella Rank: 5633
b.6sc.co — Cisco Umbrella Rank: 3603
21 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 4108
992 B
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
264 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 333
px4.ads.linkedin.com — Cisco Umbrella Rank: 7032
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
22 KB
3 salesloft.com
scout-cdn.salesloft.com — Cisco Umbrella Rank: 11366
scout.salesloft.com — Cisco Umbrella Rank: 14334
4 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 359
15 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
243 KB
3 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 4382
28 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
211 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
907 B
2 marketo.net
munchkin.marketo.net — Cisco Umbrella Rank: 3671
6 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 888
script.hotjar.com — Cisco Umbrella Rank: 1185
61 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
75 KB
1 google.it
www.google.it — Cisco Umbrella Rank: 28358
408 B
1 mktoresp.com
565-pei-952.mktoresp.com
318 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 991
393 B
1 t.co
t.co — Cisco Umbrella Rank: 904
628 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 831
14 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1016
16 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
5 KB
82 23
Domain Requested by
28 www.mandiant.com 6 redirects www.mandiant.com
7 b.6sc.co
6 www.google.com www.mandiant.com
www.googletagmanager.com
www.gstatic.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 www.gstatic.com www.mandiant.com
www.google.com
www.gstatic.com
3 px.ads.linkedin.com 1 redirects snap.licdn.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.mandiant.com
3 www.googletagmanager.com www.mandiant.com
www.googletagmanager.com
3 static.addtoany.com www.mandiant.com
static.addtoany.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.facebook.com www.mandiant.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 scout.salesloft.com scout-cdn.salesloft.com
2 munchkin.marketo.net www.mandiant.com
munchkin.marketo.net
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
1 ipv6.6sc.co j.6sc.co
1 c.6sc.co j.6sc.co
1 j.6sc.co www.mandiant.com
1 www.google.it www.mandiant.com
1 region1.analytics.google.com www.googletagmanager.com
1 565-pei-952.mktoresp.com munchkin.marketo.net
1 script.hotjar.com static.hotjar.com
1 px4.ads.linkedin.com www.mandiant.com
1 analytics.twitter.com www.mandiant.com
1 t.co www.mandiant.com
1 scout-cdn.salesloft.com www.mandiant.com
1 static.hotjar.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 fonts.googleapis.com www.mandiant.com
1 cdnjs.cloudflare.com www.mandiant.com
82 31
Subject Issuer Validity Valid
mandiant.com
Cloudflare Inc ECC CA-3		 2024-03-02 -
2024-12-31		 10 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
static.addtoany.com
WE1		 2024-11-03 -
2025-02-01		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-25 -
2025-06-24		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-29 -
2024-11-27		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-09-16 -
2025-03-15		 6 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.marketo.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-10-22 -
2025-10-24		 a year crt.sh
salesloft.com
Sectigo RSA Domain Validation Secure Server CA		 2024-03-20 -
2025-04-19		 a year crt.sh
t.co
E5		 2024-09-28 -
2024-12-27		 3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-30 -
2025-09-29		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-10-14 -
2025-04-14		 6 months crt.sh
*.mktoresp.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-08-15 -
2025-09-15		 a year crt.sh
*.google.it
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
6sc.co
R10		 2024-09-23 -
2024-12-22		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.mandiant.com/apt1.
Frame ID: 6193CEA1282BED986E2146C5025CC7CC
Requests: 76 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: 403148441E38D7561EF3D206CE8F70E4
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.mandiant.com
Frame ID: F8D83F926A1BAD967F6D3BA1F7F67070
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=it&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=qp3ox4z3nzsq
Frame ID: 0C303B1DE8A95CBE685007DB23CA7826
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=it&v=pPK749sccDmVW_9DSeTMVvh2&size=compact&cb=t03fd0jh2me3
Frame ID: 17B52D64C06FE54CBECC889D6AEE8F1A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=it&v=pPK749sccDmVW_9DSeTMVvh2&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Frame ID: AEBFEE9693D5CE9FC2D01720BB6E408F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=it&v=pPK749sccDmVW_9DSeTMVvh2&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Frame ID: 2D2A3B44856403A6946AAFDDD06B8E19
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

404 page | Mandiant

Page URL History Show full URLs

  1. http://www.mandiant.com/apt1. HTTP 307
    https://www.mandiant.com/apt1. Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

82
Requests

91 %
HTTPS

40 %
IPv6

23
Domains

31
Subdomains

30
IPs

4
Countries

1710 kB
Transfer

4604 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.mandiant.com/apt1. HTTP 307
    https://www.mandiant.com/apt1. Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.mandiant.com/sites/default/files/css/css_QKR71troqatwIwsgT13CVq0R757HyJJTTTs6zqiU97U.css?delta=0&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ HTTP 301
  • https://www.mandiant.com/sites/default/files/css/css_SlsKOHBmpTnG5Ax8zIQm5dqt4bDiAhyhdSuhADSHX_8.css?delta=0&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ
Request Chain 1
  • https://www.mandiant.com/sites/default/files/css/css_rXlD24n8X9OeJ1pdMIINoh6vRGq0-tyar08_RrGvAu8.css?delta=1&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ HTTP 301
  • https://www.mandiant.com/sites/default/files/css/css_h1q2B_doLTFU49BVA3banOUiQvUhjSk_gVhGqw0JNs0.css?delta=1&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ
Request Chain 6
  • https://www.mandiant.com/sites/default/files/js/js_LJJYmnXzqnlmT0HQ_PZL_pP6qdkKW5zLH_RNPgYyNC8.js?scope=footer&delta=0&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJfv3wXF3Ias1L2uH_IWAKbmiPOEHp2wqHujWXVtsnArCfojUe2goA8WjL9wYZhlx0-Wwv7N5IbxOjuceqA6_q0UkUktFBTb6tLKkf4Qx4eq0IGwUy7iZDX04dl0PxtqhoVV2je_XDuJc5AVGFGPH HTTP 301
  • https://www.mandiant.com/sites/default/files/js/js_9T5VjJRzjm_yZlO-cm4hgkzOR0kHhv7pWdFtvN9q04Q.js?scope=footer&delta=0&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJfv3wXF3Ias1L2uH_IWAKbmiPOEHp2wqHujWXVtsnArCfojUe2goA8WjL9wYZhlx0-Wwv7N5IbxOjuceqA6_q0UkUktFBTb6tLKkf4Qx4eq0IGwUy7iZDX04dl0PxtqhoVV2je_XDuJc5AVGFGPH
Request Chain 8
  • https://www.mandiant.com/sites/default/files/js/js_QoqzC7yN-688QTYf2Ggk7n6VJ02ZD-8Cb7pu4s0pmAM.js?scope=footer&delta=2&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJfv3wXF3Ias1L2uH_IWAKbmiPOEHp2wqHujWXVtsnArCfojUe2goA8WjL9wYZhlx0-Wwv7N5IbxOjuceqA6_q0UkUktFBTb6tLKkf4Qx4eq0IGwUy7iZDX04dl0PxtqhoVV2je_XDuJc5AVGFGPH HTTP 301
  • https://www.mandiant.com/sites/default/files/js/js_XF_aBigfJaZtYWVtCu8HKdIPvOgdO2C8sdAH38W1j4M.js?scope=footer&delta=2&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJfv3wXF3Ias1L2uH_IWAKbmiPOEHp2wqHujWXVtsnArCfojUe2goA8WjL9wYZhlx0-Wwv7N5IbxOjuceqA6_q0UkUktFBTb6tLKkf4Qx4eq0IGwUy7iZDX04dl0PxtqhoVV2je_XDuJc5AVGFGPH
Request Chain 10
  • https://www.mandiant.com/sites/default/files/js/js_HIATwPiGJtSO1S2pcEIK1x9Zc5fDNclwK_vTn6Nfk7c.js?scope=footer&delta=4&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJfv3wXF3Ias1L2uH_IWAKbmiPOEHp2wqHujWXVtsnArCfojUe2goA8WjL9wYZhlx0-Wwv7N5IbxOjuceqA6_q0UkUktFBTb6tLKkf4Qx4eq0IGwUy7iZDX04dl0PxtqhoVV2je_XDuJc5AVGFGPH HTTP 301
  • https://www.mandiant.com/sites/default/files/js/js_C1XPt2motHhrNSwNqyGGZjHfy6WkuxMtminsFYEmGII.js?scope=footer&delta=4&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJfv3wXF3Ias1L2uH_IWAKbmiPOEHp2wqHujWXVtsnArCfojUe2goA8WjL9wYZhlx0-Wwv7N5IbxOjuceqA6_q0UkUktFBTb6tLKkf4Qx4eq0IGwUy7iZDX04dl0PxtqhoVV2je_XDuJc5AVGFGPH
Request Chain 12
  • https://www.mandiant.com/sites/default/files/js/js_tuMrhoqpCYEJ3d6cmlFAeD_bZGEMIE5dopiQmIYy_kg.js?scope=footer&delta=6&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJfv3wXF3Ias1L2uH_IWAKbmiPOEHp2wqHujWXVtsnArCfojUe2goA8WjL9wYZhlx0-Wwv7N5IbxOjuceqA6_q0UkUktFBTb6tLKkf4Qx4eq0IGwUy7iZDX04dl0PxtqhoVV2je_XDuJc5AVGFGPH HTTP 301
  • https://www.mandiant.com/sites/default/files/js/js_DK8Co3dF14OxJJIiVCdr_NVlN5pqBpOY7eW7OiioAzA.js?scope=footer&delta=6&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJfv3wXF3Ias1L2uH_IWAKbmiPOEHp2wqHujWXVtsnArCfojUe2goA8WjL9wYZhlx0-Wwv7N5IbxOjuceqA6_q0UkUktFBTb6tLKkf4Qx4eq0IGwUy7iZDX04dl0PxtqhoVV2je_XDuJc5AVGFGPH
Request Chain 43
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1732098258813&url=https%3A%2F%2Fwww.mandiant.com%2Fapt1. HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1732098258813&url=https%3A%2F%2Fwww.mandiant.com%2Fapt1.&e_ipv6=AQIM-zM43E20NQAAAZNJGfgdghvQMqGv4r0NuEwpxTQDa4beFU0dejedMoe8y9sybzUGUw

82 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request apt1.
www.mandiant.com/
Redirect Chain
  • http://www.mandiant.com/apt1.
  • https://www.mandiant.com/apt1.
65 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mandiant.com/apt1.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
106d831faf1f75672b7ef418ed23d93bb3a7295733bbad03860546bb33cd121d
Security Headers
Name Value
Content-Security-Policy report-uri /report-csp-violation
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=86400
cf-cache-status
EXPIRED
cf-ray
8e57bab84b613762-MXP
content-encoding
gzip
content-language
en
content-security-policy
report-uri /report-csp-violation
content-type
text/html; charset=UTF-8
date
Wed, 20 Nov 2024 10:24:17 GMT
expect-ct
max-age=86400
expires
Thu, 21 Nov 2024 10:24:17 GMT
last-modified
Tue, 19 Nov 2024 19:54:14 GMT
referrer-policy
strict-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Cookie, Accept-Encoding
via
varnish
x-ah-environment
prod
x-cache
HIT
x-cache-hits
1
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
v-0d82ae9c-a6b0-11ef-bc7f-73ce34fde55d
x-xss-protection
1; mode=block

Redirect headers

Location
https://www.mandiant.com/apt1.
Non-Authoritative-Reason
HttpsUpgrades
css_SlsKOHBmpTnG5Ax8zIQm5dqt4bDiAhyhdSuhADSHX_8.css
www.mandiant.com/sites/default/files/css/
Redirect Chain
  • https://www.mandiant.com/sites/default/files/css/css_QKR71troqatwIwsgT13CVq0R757HyJJTTTs6zqiU97U.css?delta=0&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6...
  • https://www.mandiant.com/sites/default/files/css/css_SlsKOHBmpTnG5Ax8zIQm5dqt4bDiAhyhdSuhADSHX_8.css?delta=0&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6...
17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mandiant.com/sites/default/files/css/css_SlsKOHBmpTnG5Ax8zIQm5dqt4bDiAhyhdSuhADSHX_8.css?delta=0&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H2
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5322df8f132fa12f87f440c208fa473acaa4544e0b136024a2a564c3b11948b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

x-request-id
v-d6b83444-a273-11ef-8801-ab7677bc0164
content-encoding
gzip
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 10:24:18 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 10:25:05 GMT
vary
Accept-encoding
x-cache-hits
821
cache-control
public, max-age=1209600
x-ah-environment
prod
via
varnish
cf-ray
8e57babfbae33762-MXP
accept-ranges
bytes
content-length
4260
server
cloudflare

Redirect headers

surrogate-control
max-age=86400
x-request-id
v-80b6befe-a6e1-11ef-92fe-577b6bee20a3
cf-cache-status
MISS
expect-ct
max-age=86400
x-content-type-options
nosniff
expires
Sun, 19 Nov 1978 05:00:00 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:17 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-cache-hits
16
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
report-uri /report-csp-violation
cache-control
public, max-age=86400, must-revalidate, s-maxage=86400, stale-if-error=3600, stale-while-revalidate=3600
location
/sites/default/files/css/css_SlsKOHBmpTnG5Ax8zIQm5dqt4bDiAhyhdSuhADSHX_8.css?delta=0&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ
x-ah-environment
prod
referrer-policy
strict-origin
via
varnish
cf-ray
8e57babc3fc23762-MXP
x-xss-protection
1; mode=block
content-language
en
server
cloudflare
css_h1q2B_doLTFU49BVA3banOUiQvUhjSk_gVhGqw0JNs0.css
www.mandiant.com/sites/default/files/css/
Redirect Chain
  • https://www.mandiant.com/sites/default/files/css/css_rXlD24n8X9OeJ1pdMIINoh6vRGq0-tyar08_RrGvAu8.css?delta=1&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6...
  • https://www.mandiant.com/sites/default/files/css/css_h1q2B_doLTFU49BVA3banOUiQvUhjSk_gVhGqw0JNs0.css?delta=1&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6...
718 KB
84 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mandiant.com/sites/default/files/css/css_h1q2B_doLTFU49BVA3banOUiQvUhjSk_gVhGqw0JNs0.css?delta=1&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H2
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94d72b6115a7a2e45a0adc1bc322f60d83befdda162d52e791ce6f575995d227
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

x-request-id
v-d6acab10-a273-11ef-805c-8b93850dc1c1
content-encoding
gzip
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 10:24:18 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 10:14:10 GMT
vary
Accept-encoding
x-cache-hits
822
cache-control
public, max-age=1209600
x-ah-environment
prod
via
varnish
cf-ray
8e57babf0a623762-MXP
accept-ranges
bytes
content-length
85867
server
cloudflare

Redirect headers

surrogate-control
max-age=86400
x-request-id
v-80b1c53e-a6e1-11ef-a30c-db85b26db359
cf-cache-status
EXPIRED
expect-ct
max-age=86400
x-content-type-options
nosniff
expires
Sun, 19 Nov 1978 05:00:00 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:17 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-cache-hits
40
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
report-uri /report-csp-violation
cache-control
public, max-age=86400, must-revalidate, s-maxage=86400, stale-if-error=3600, stale-while-revalidate=3600
location
/sites/default/files/css/css_h1q2B_doLTFU49BVA3banOUiQvUhjSk_gVhGqw0JNs0.css?delta=1&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ
x-ah-environment
prod
referrer-policy
strict-origin
via
varnish
cf-ray
8e57babc3fc43762-MXP
x-xss-protection
1; mode=block
content-language
en
server
cloudflare
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"65993750-110c"
age
1089807
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S2HgDbRhOP0SXayTKxw8YBm1AKVQ2YSHe18e26S05oFZZOp79b3Eci8cyawmzy4mwx7ZVRM2x4pnj4ErXWl0MOEpjuuUfUhHVL6V6jIHLAxcBcLY4vW6IWEK26k0WAzqInioY5j1"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 10 Nov 2025 10:24:17 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 10:24:17 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 06 Jan 2024 12:19:44 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e57babc9f24dcac-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
4364
server
cloudflare
css2
fonts.googleapis.com/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Google+Sans+Text:wght@400&family=Google+Sans:wght@500&display=swap
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a69d14f4a9ac8af3b5d72f5762514a5d6f5531418aff63380617f564a4c8ea57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 10:24:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 10:24:17 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 20 Nov 2024 10:24:17 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
cookienotificationbar.min.css
www.gstatic.com/glue/cookienotificationbar/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/glue/cookienotificationbar/cookienotificationbar.min.css
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
372dcb604072be98f12e6b48ecf53aa4238767fb34cc47723eeb3fc5552a65d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

content-encoding
gzip
report-to
{"group":"uxe-owners-acl/gstatic","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/gstatic"}]}
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 10:24:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 10:24:17 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Tue, 19 Nov 2024 17:10:20 GMT
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/gstatic
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="uxe-owners-acl/gstatic"
content-length
1685
x-xss-protection
0
server
sffe
mandiant-google-rebrand-logo.png
www.mandiant.com/themes/custom/mandiant_theme/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/mandiant-google-rebrand-logo.png
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf5e7b9e8baddcbb071e1a25a27c2879b4c0a571377c6525968c4f5b920a03eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

x-request-id
v-304c2d1a-a271-11ef-b4d3-97a54463025c
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 10:24:17 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:17 GMT
content-type
image/png
last-modified
Wed, 13 Nov 2024 11:03:00 GMT
vary
Accept-Encoding
x-cache-hits
4128
cache-control
public, max-age=1209600
x-ah-environment
prod
via
varnish
cf-ray
8e57babc3fc53762-MXP
accept-ranges
bytes
content-length
15443
server
cloudflare
js_9T5VjJRzjm_yZlO-cm4hgkzOR0kHhv7pWdFtvN9q04Q.js
www.mandiant.com/sites/default/files/js/
Redirect Chain
  • https://www.mandiant.com/sites/default/files/js/js_LJJYmnXzqnlmT0HQ_PZL_pP6qdkKW5zLH_RNPgYyNC8.js?scope=footer&delta=0&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJ...
  • https://www.mandiant.com/sites/default/files/js/js_9T5VjJRzjm_yZlO-cm4hgkzOR0kHhv7pWdFtvN9q04Q.js?scope=footer&delta=0&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJ...
95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mandiant.com/sites/default/files/js/js_9T5VjJRzjm_yZlO-cm4hgkzOR0kHhv7pWdFtvN9q04Q.js?scope=footer&delta=0&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJfv3wXF3Ias1L2uH_IWAKbmiPOEHp2wqHujWXVtsnArCfojUe2goA8WjL9wYZhlx0-Wwv7N5IbxOjuceqA6_q0UkUktFBTb6tLKkf4Qx4eq0IGwUy7iZDX04dl0PxtqhoVV2je_XDuJc5AVGFGPH
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H2
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
213ad0a7060614a596a3e70daac959dccfa9569e82363f6e0c6346d3b7ed87aa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

x-request-id
v-3aeb79ba-a271-11ef-97cd-2766edb579a5
content-encoding
gzip
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 10:24:17 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:17 GMT
content-type
text/javascript
last-modified
Thu, 14 Nov 2024 10:10:11 GMT
vary
Accept-encoding
x-cache-hits
4192
cache-control
public, max-age=1209600
x-ah-environment
prod
via
varnish
cf-ray
8e57babcf86d3762-MXP
accept-ranges
bytes
content-length
33288
server
cloudflare

Redirect headers

surrogate-control
max-age=86400
x-request-id
v-959e0da4-a65f-11ef-83c7-03fb6529383e
cf-cache-status
HIT
expect-ct
max-age=86400
x-content-type-options
nosniff
expires
Sun, 19 Nov 1978 05:00:00 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:17 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-cache-hits
114
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
report-uri /report-csp-violation
cache-control
public, max-age=86400, must-revalidate, s-maxage=86400, stale-if-error=3600, stale-while-revalidate=3600
location
/sites/default/files/js/js_9T5VjJRzjm_yZlO-cm4hgkzOR0kHhv7pWdFtvN9q04Q.js?scope=footer&delta=0&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJfv3wXF3Ias1L2uH_IWAKbmiPOEHp2wqHujWXVtsnArCfojUe2goA8WjL9wYZhlx0-Wwv7N5IbxOjuceqA6_q0UkUktFBTb6tLKkf4Qx4eq0IGwUy7iZDX04dl0PxtqhoVV2je_XDuJc5AVGFGPH
x-ah-environment
prod
referrer-policy
strict-origin
via
varnish
cf-ray
8e57babc3fc63762-MXP
x-xss-protection
1; mode=block
content-language
en
server
cloudflare
api.js
www.google.com/recaptcha/ 		1 KB
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f4.1e100.net
Software
ESF /
Resource Hash
08b4a10865f0c3f01aed6b14a4cec5a676aed7c899c6f3e60e0edbb4dfed0f71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 10:24:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Wed, 20 Nov 2024 10:24:18 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
js_XF_aBigfJaZtYWVtCu8HKdIPvOgdO2C8sdAH38W1j4M.js
www.mandiant.com/sites/default/files/js/
Redirect Chain
  • https://www.mandiant.com/sites/default/files/js/js_QoqzC7yN-688QTYf2Ggk7n6VJ02ZD-8Cb7pu4s0pmAM.js?scope=footer&delta=2&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJ...
  • https://www.mandiant.com/sites/default/files/js/js_XF_aBigfJaZtYWVtCu8HKdIPvOgdO2C8sdAH38W1j4M.js?scope=footer&delta=2&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJ...
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mandiant.com/sites/default/files/js/js_XF_aBigfJaZtYWVtCu8HKdIPvOgdO2C8sdAH38W1j4M.js?scope=footer&delta=2&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJfv3wXF3Ias1L2uH_IWAKbmiPOEHp2wqHujWXVtsnArCfojUe2goA8WjL9wYZhlx0-Wwv7N5IbxOjuceqA6_q0UkUktFBTb6tLKkf4Qx4eq0IGwUy7iZDX04dl0PxtqhoVV2je_XDuJc5AVGFGPH
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H2
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66931290678a936e758497a169524872d7b65480eb69a57e57c187068a7b2986
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

x-request-id
v-9182c242-a271-11ef-b1e2-e3b7aeadc1fa
content-encoding
gzip
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 10:24:18 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
text/javascript
last-modified
Thu, 14 Nov 2024 10:14:10 GMT
vary
Accept-encoding
x-cache-hits
4175
cache-control
public, max-age=1209600
x-ah-environment
prod
via
varnish
cf-ray
8e57bac01b563762-MXP
accept-ranges
bytes
content-length
1057
server
cloudflare

Redirect headers

surrogate-control
max-age=86400
x-request-id
v-35827714-a661-11ef-8725-37e867535438
cf-cache-status
HIT
expect-ct
max-age=86400
x-content-type-options
nosniff
expires
Sun, 19 Nov 1978 05:00:00 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:17 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-cache-hits
141
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
report-uri /report-csp-violation
cache-control
public, max-age=86400, must-revalidate, s-maxage=86400, stale-if-error=3600, stale-while-revalidate=3600
location
/sites/default/files/js/js_XF_aBigfJaZtYWVtCu8HKdIPvOgdO2C8sdAH38W1j4M.js?scope=footer&delta=2&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJfv3wXF3Ias1L2uH_IWAKbmiPOEHp2wqHujWXVtsnArCfojUe2goA8WjL9wYZhlx0-Wwv7N5IbxOjuceqA6_q0UkUktFBTb6tLKkf4Qx4eq0IGwUy7iZDX04dl0PxtqhoVV2je_XDuJc5AVGFGPH
x-ah-environment
prod
referrer-policy
strict-origin
via
varnish
cf-ray
8e57babf6aaf3762-MXP
x-xss-protection
1; mode=block
content-language
en
server
cloudflare
page.js
static.addtoany.com/menu/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2471f4232ccca845a9da8b10e5be81e7323faa5891b9715f425661505f183434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"3ae23968c16ec39faa9f97db5ea5195b"
age
13885
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1KVvUN%2BWT5kuuXavMYQrXCOcjgfY1rx0MW4jizU5c%2FRU%2BUdz0VprMqplq%2BIGjI3S4aR1ysQDkXfApV8KltkAE4MwPCMe40%2B%2BTYX9e2d9oqBvn2kSjtMxMV3XIksMbKuPl8TqpRz8"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400, stale-while-revalidate=30, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules
"/cdn-cgi/speculation"
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e57bac30c1a1942-FRA
access-control-allow-origin
*
server
cloudflare
js_C1XPt2motHhrNSwNqyGGZjHfy6WkuxMtminsFYEmGII.js
www.mandiant.com/sites/default/files/js/
Redirect Chain
  • https://www.mandiant.com/sites/default/files/js/js_HIATwPiGJtSO1S2pcEIK1x9Zc5fDNclwK_vTn6Nfk7c.js?scope=footer&delta=4&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJ...
  • https://www.mandiant.com/sites/default/files/js/js_C1XPt2motHhrNSwNqyGGZjHfy6WkuxMtminsFYEmGII.js?scope=footer&delta=4&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJ...
417 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mandiant.com/sites/default/files/js/js_C1XPt2motHhrNSwNqyGGZjHfy6WkuxMtminsFYEmGII.js?scope=footer&delta=4&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJfv3wXF3Ias1L2uH_IWAKbmiPOEHp2wqHujWXVtsnArCfojUe2goA8WjL9wYZhlx0-Wwv7N5IbxOjuceqA6_q0UkUktFBTb6tLKkf4Qx4eq0IGwUy7iZDX04dl0PxtqhoVV2je_XDuJc5AVGFGPH
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H2
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8782c1af4382d209058d9ce5fd96134666876fae2c4bf1683718787525cba33e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

x-request-id
v-3de433a0-a271-11ef-960b-63c8ba8b87af
content-encoding
gzip
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 10:24:19 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:19 GMT
content-type
text/javascript
last-modified
Thu, 14 Nov 2024 10:10:15 GMT
vary
Accept-encoding
x-cache-hits
4203
cache-control
public, max-age=1209600
x-ah-environment
prod
via
varnish
cf-ray
8e57bac37e3e3762-MXP
accept-ranges
bytes
content-length
126553
server
cloudflare

Redirect headers

surrogate-control
max-age=86400
x-request-id
v-8ef3907c-a728-11ef-98f8-f74f4c1a4ffa
cf-cache-status
EXPIRED
expect-ct
max-age=86400
x-content-type-options
nosniff
expires
Sun, 19 Nov 1978 05:00:00 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-cache-hits
5
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
report-uri /report-csp-violation
cache-control
public, max-age=86400, must-revalidate, s-maxage=86400, stale-if-error=3600, stale-while-revalidate=3600
location
/sites/default/files/js/js_C1XPt2motHhrNSwNqyGGZjHfy6WkuxMtminsFYEmGII.js?scope=footer&delta=4&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJfv3wXF3Ias1L2uH_IWAKbmiPOEHp2wqHujWXVtsnArCfojUe2goA8WjL9wYZhlx0-Wwv7N5IbxOjuceqA6_q0UkUktFBTb6tLKkf4Qx4eq0IGwUy7iZDX04dl0PxtqhoVV2je_XDuJc5AVGFGPH
x-ah-environment
prod
referrer-policy
strict-origin
via
varnish
cf-ray
8e57bac07bb73762-MXP
x-xss-protection
1; mode=block
content-language
en
server
cloudflare
accordion.frontend.min.js
www.mandiant.com/modules/contrib/ckeditor_accordion/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mandiant.com/modules/contrib/ckeditor_accordion/js/accordion.frontend.min.js?smxqu1
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9474894bf64b11c40884f83b0ba6888635bf90bfaae11db1944d99771f1c820
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

x-request-id
v-30de9f38-a271-11ef-8103-6f1b6c4680bc
content-encoding
gzip
cf-cache-status
DYNAMIC
age
519008
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 10:14:10 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
application/javascript
last-modified
Wed, 13 Nov 2024 11:02:59 GMT
vary
Accept-Encoding
x-cache-hits
35508
cache-control
max-age=1209600
x-ah-environment
prod
via
varnish
cf-ray
8e57bac2bd9b3762-MXP
accept-ranges
bytes
content-length
1535
server
cloudflare
js_DK8Co3dF14OxJJIiVCdr_NVlN5pqBpOY7eW7OiioAzA.js
www.mandiant.com/sites/default/files/js/
Redirect Chain
  • https://www.mandiant.com/sites/default/files/js/js_tuMrhoqpCYEJ3d6cmlFAeD_bZGEMIE5dopiQmIYy_kg.js?scope=footer&delta=6&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJ...
  • https://www.mandiant.com/sites/default/files/js/js_DK8Co3dF14OxJJIiVCdr_NVlN5pqBpOY7eW7OiioAzA.js?scope=footer&delta=6&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJ...
20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mandiant.com/sites/default/files/js/js_DK8Co3dF14OxJJIiVCdr_NVlN5pqBpOY7eW7OiioAzA.js?scope=footer&delta=6&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJfv3wXF3Ias1L2uH_IWAKbmiPOEHp2wqHujWXVtsnArCfojUe2goA8WjL9wYZhlx0-Wwv7N5IbxOjuceqA6_q0UkUktFBTb6tLKkf4Qx4eq0IGwUy7iZDX04dl0PxtqhoVV2je_XDuJc5AVGFGPH
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H2
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abeb66ecee551f641a926c278b376ecbd0980b81e726874919c7580657931f80
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

x-request-id
v-3b30b250-a271-11ef-aebd-3f2cad26e3cc
content-encoding
gzip
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 10:24:19 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:19 GMT
content-type
text/javascript
last-modified
Thu, 14 Nov 2024 10:10:12 GMT
vary
Accept-encoding
x-cache-hits
4228
cache-control
public, max-age=1209600
x-ah-environment
prod
via
varnish
cf-ray
8e57bac5e85b3762-MXP
accept-ranges
bytes
content-length
6304
server
cloudflare

Redirect headers

surrogate-control
max-age=86400
x-request-id
v-8ef4294c-a728-11ef-be34-9f20fef8da0b
cf-cache-status
EXPIRED
expect-ct
max-age=86400
x-content-type-options
nosniff
expires
Sun, 19 Nov 1978 05:00:00 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-cache-hits
5
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
report-uri /report-csp-violation
cache-control
public, max-age=86400, must-revalidate, s-maxage=86400, stale-if-error=3600, stale-while-revalidate=3600
location
/sites/default/files/js/js_DK8Co3dF14OxJJIiVCdr_NVlN5pqBpOY7eW7OiioAzA.js?scope=footer&delta=6&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJfv3wXF3Ias1L2uH_IWAKbmiPOEHp2wqHujWXVtsnArCfojUe2goA8WjL9wYZhlx0-Wwv7N5IbxOjuceqA6_q0UkUktFBTb6tLKkf4Qx4eq0IGwUy7iZDX04dl0PxtqhoVV2je_XDuJc5AVGFGPH
x-ah-environment
prod
referrer-policy
strict-origin
via
varnish
cf-ray
8e57bac2bd9d3762-MXP
x-xss-protection
1; mode=block
content-language
en
server
cloudflare
cookienotificationbar.min.js
www.gstatic.com/glue/cookienotificationbar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/glue/cookienotificationbar/cookienotificationbar.min.js
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
5f4d0b5cd0c7c7bc630b26cfa289a0354c02530d549d4a99d7d7b0b578ff2838
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

content-encoding
gzip
report-to
{"group":"uxe-owners-acl/gstatic","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/gstatic"}]}
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 10:24:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Tue, 19 Nov 2024 17:10:20 GMT
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/gstatic
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="uxe-owners-acl/gstatic"
content-length
6865
x-xss-protection
0
server
sffe
fontloader.built.js
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/fontloader.built.js
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b617a1a9d405a304eae1f3337639a1be619633a047ccac0a61d70cf2d2032e4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

x-request-id
v-30f389fc-a271-11ef-81e3-fb44d11157d6
content-encoding
gzip
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 10:24:18 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
application/javascript
last-modified
Wed, 13 Nov 2024 11:03:00 GMT
vary
Accept-Encoding
x-cache-hits
4151
cache-control
public, max-age=1209600
x-ah-environment
prod
via
varnish
cf-ray
8e57bac2bd9f3762-MXP
accept-ranges
bytes
content-length
2334
server
cloudflare
gtm.js
www.googletagmanager.com/ 		477 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
01c01d63342cac254b208036c2212d48d5a1451031869c85e3849f4066e228ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 20 Nov 2024 10:24:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 20 Nov 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
138179
x-xss-protection
0
server
Google Tag Manager
nav-cta-arrow.png
www.mandiant.com/sites/default/files/2024-09/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mandiant.com/sites/default/files/2024-09/nav-cta-arrow.png
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_h1q2B_doLTFU49BVA3banOUiQvUhjSk_gVhGqw0JNs0.css?delta=1&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21c3353df6df2eb5682feec3ffd3013bfbfd4b8b9d2fca7e60540ce88d055240
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/sites/default/files/css/css_h1q2B_doLTFU49BVA3banOUiQvUhjSk_gVhGqw0JNs0.css?delta=1&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ

Response headers

x-request-id
v-30fcfe6a-a271-11ef-8e20-87100c554195
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 10:24:18 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
image/png
last-modified
Mon, 16 Sep 2024 10:19:29 GMT
vary
Accept-Encoding
x-cache-hits
3587
cache-control
public, max-age=1209600
x-ah-environment
prod
via
varnish
cf-ray
8e57bac2ddbe3762-MXP
accept-ranges
bytes
content-length
1028
server
cloudflare
footer-bg-transparent.png
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/footer-bg-transparent.png
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_h1q2B_doLTFU49BVA3banOUiQvUhjSk_gVhGqw0JNs0.css?delta=1&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f2e61cd1a10aebb0eae1a2f6914784a4d9be90a46b1c67700311d0f66d3e379
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/sites/default/files/css/css_h1q2B_doLTFU49BVA3banOUiQvUhjSk_gVhGqw0JNs0.css?delta=1&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ

Response headers

x-request-id
v-310e06b0-a271-11ef-b4bb-c3f362903c63
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 10:24:18 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
image/png
last-modified
Wed, 13 Nov 2024 11:03:00 GMT
vary
Accept-Encoding
x-cache-hits
4085
cache-control
public, max-age=1209600
x-ah-environment
prod
via
varnish
cf-ray
8e57bac2ddc03762-MXP
accept-ranges
bytes
content-length
136986
server
cloudflare
GoogleSans-Medium.ttf
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/google-sans/ 		154 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/google-sans/GoogleSans-Medium.ttf
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_h1q2B_doLTFU49BVA3banOUiQvUhjSk_gVhGqw0JNs0.css?delta=1&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e72f9df72eddef9a75aa93b0972c35491bab52d65c32714fe004b75bd7b5271
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.mandiant.com
Referer
https://www.mandiant.com/sites/default/files/css/css_h1q2B_doLTFU49BVA3banOUiQvUhjSk_gVhGqw0JNs0.css?delta=1&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ

Response headers

x-request-id
v-9102fae4-a271-11ef-947f-1bdd422b0bd2
content-encoding
gzip
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 10:24:18 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
font/ttf
last-modified
Wed, 13 Nov 2024 11:03:00 GMT
vary
Accept-Encoding
x-cache-hits
4508
cache-control
public, max-age=1209600
x-ah-environment
prod
via
varnish
cf-ray
8e57bac2fdd63762-MXP
server
cloudflare
GoogleSans-Regular.ttf
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/google-sans/ 		154 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/google-sans/GoogleSans-Regular.ttf
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_h1q2B_doLTFU49BVA3banOUiQvUhjSk_gVhGqw0JNs0.css?delta=1&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8914b020e2c78fe86ca14198095455139f08047b8b52ab69003cb5af35cbbc0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.mandiant.com
Referer
https://www.mandiant.com/sites/default/files/css/css_h1q2B_doLTFU49BVA3banOUiQvUhjSk_gVhGqw0JNs0.css?delta=1&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ

Response headers

x-request-id
v-31087196-a271-11ef-82e0-b7ede44fc26b
content-encoding
gzip
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 10:24:18 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
font/ttf
last-modified
Wed, 13 Nov 2024 11:03:00 GMT
vary
Accept-Encoding
x-cache-hits
4500
cache-control
public, max-age=1209600
x-ah-environment
prod
via
varnish
cf-ray
8e57bac2fdd83762-MXP
server
cloudflare
MaterialIcons-Outlined.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/material-icons/ 		148 KB
148 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/material-icons/MaterialIcons-Outlined.woff2
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_h1q2B_doLTFU49BVA3banOUiQvUhjSk_gVhGqw0JNs0.css?delta=1&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09278f5e4175344bf9f92b8e2e7be3940da6ae4c067c21e66ea676fa8be58bee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.mandiant.com
Referer
https://www.mandiant.com/sites/default/files/css/css_h1q2B_doLTFU49BVA3banOUiQvUhjSk_gVhGqw0JNs0.css?delta=1&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ

Response headers

x-request-id
v-9100689c-a271-11ef-8bc1-ff9e8ad52b6b
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 10:24:18 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
font/woff2
last-modified
Wed, 13 Nov 2024 11:03:00 GMT
vary
Accept-Encoding
x-cache-hits
4585
cache-control
public, max-age=1209600
x-ah-environment
prod
via
varnish
cf-ray
8e57bac2fdda3762-MXP
accept-ranges
bytes
content-length
151244
server
cloudflare
GoogleSansDisplay-Medium.ttf
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/google-sans/ 		154 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/google-sans/GoogleSansDisplay-Medium.ttf
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_h1q2B_doLTFU49BVA3banOUiQvUhjSk_gVhGqw0JNs0.css?delta=1&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40c1436cb0e94370dee18db4f09e3eb8e199713919adb33295536e6c26d9b74d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.mandiant.com
Referer
https://www.mandiant.com/sites/default/files/css/css_h1q2B_doLTFU49BVA3banOUiQvUhjSk_gVhGqw0JNs0.css?delta=1&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ

Response headers

x-request-id
v-310bef1a-a271-11ef-b52d-e78b4d0b60fa
content-encoding
gzip
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 10:24:18 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
font/ttf
last-modified
Wed, 13 Nov 2024 11:03:00 GMT
vary
Accept-Encoding
x-cache-hits
4521
cache-control
public, max-age=1209600
x-ah-environment
prod
via
varnish
cf-ray
8e57bac2fddb3762-MXP
server
cloudflare
sm.25.html
static.addtoany.com/menu/ Frame 4031 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/sm.25.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mandiant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
24218
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
8e57bac3a83c2c2d-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 20 Nov 2024 10:24:18 GMT
last-modified
Wed, 20 Nov 2024 03:40:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A3iTYe81ENprZ2CvJ8WFJANrUTqxamjRe8DtVBaUDxqcypx3rMqjo4pAowd5akjWJjsGQr9TcPEsyobGbRQqbE4V%2BQXVOdZ0L4GL8pNs0eqHhF6LcLODjrRd7EAELRWEk3L%2FQ6b1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
core.junnp81e.js
static.addtoany.com/menu/modules/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/modules/core.junnp81e.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0570581bf787cbb4a26d1508cf4ed96ef19d1a2465df5b9d5c4003813a2ebd35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.mandiant.com
Referer
https://www.mandiant.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"e6e4834d2c3691bbe81e6cdbd5ea9b75"
age
13084
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SPij4fm6wqgg6MAXJ05lpoGdQ0iiC2WwnKtZz8cuEFPkS2%2B7L40S%2BUJvDgFVVZQ%2BrUuQ2yahKVsUDKwf%2Bv8f%2FVBHHfhAeVdeRj1LMmKh1jmOV76KYkh4wNc%2FR1xLXFiKBGEz1AdR"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=315360000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules
"/cdn-cgi/speculation"
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e57bac38e1ddc84-FRA
access-control-allow-origin
*
server
cloudflare
recaptcha__it.js
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/ 		548 KB
217 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__it.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
f11b59029aa57b52e4d5a99995674982b2c497e7719a7e4dc5d342b182b29082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.mandiant.com
Referer
https://www.mandiant.com/

Response headers

content-encoding
gzip
age
80863
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Wed, 19 Nov 2025 11:56:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 11:56:35 GMT
last-modified
Mon, 11 Nov 2024 05:00:22 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
221864
x-xss-protection
0
server
sffe
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.mandiant.com%2Fapt1.&scrsrc=www.googletagmanager.com&frm=0&rnd=167624704.1732098259&auid=1053429026.1732098259&npa=1&gtm=45He4bj0v849727317za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732098258630&tfd=2031&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers
js
www.googletagmanager.com/gtag/ 		325 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c&gtm=45He4bj0v849727317za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3e308f369044d013615a3c411c2677ad9a9b2b0fc8b2a02a708b810dfb4a94c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 20 Nov 2024 10:24:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109931
x-xss-protection
0
server
Google Tag Manager
uwt.js
static.ads-twitter.com/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"4328e910de583ad53b3a7a76455af005+gzip+gzip"
accept-ranges
bytes
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15926
date
Wed, 20 Nov 2024 10:24:18 GMT
x-tw-cdn
FT
last-modified
Tue, 29 Oct 2024 20:04:45 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kcgs7200099-IAD, cache-fra-etou8220140-FRA
x-amz-server-side-encryption
AES256
insight.min.js
snap.licdn.com/li.lms-analytics/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:15::213:7e4a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

cache-control
max-age=9012
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Wed, 20 Nov 2024 10:24:18 GMT
last-modified
Thu, 22 Aug 2024 10:43:55 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-mLe6hC7W' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-mLe6hC7W' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=23, mss=1232, tbw=4446, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
MbQ4VJV12hAvg/s671UrPGJnUWF9AZlna9g0++1BD6HXOeL+otfdR870br1Bz5PglyoHb+8Zh05OUEiOjLK2yw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62152
x-xss-protection
0
origin-agent-cluster
?1
bat.js
bat.bing.com/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:2::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 28A212FAB5504FCB8FCDF1685573745B Ref B: VIEEDGE3008 Ref C: 2024-11-20T10:24:18Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

content-encoding
gzip
age
6173
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 10:41:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 08:41:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
hotjar-3008912.js
static.hotjar.com/c/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3008912.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-106.fra56.r.cloudfront.net
Software
/
Resource Hash
ee850414eeda54e00bc2258e2f93f711f3af0df8b70ceff0eac2fa31963dd93a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
content-encoding
br
etag
W/d7032c5d84306445bd5474d133bb94f3
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
x-cache-hit
1
via
1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
B2Blz34SxI0fZkI_XrVeu4qMvvUpUmmoewMXoy8I9F_3D_dvuBV6mw==
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
FRA56-P2
munchkin.js
munchkin.marketo.net/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.43.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-43-106.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2091f1ff92cc073e178dca31707853e0cc6cd913a5344a8978f040fa373efa6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

Content-Encoding
gzip
ETag
"e75e5ba140b1c7e6ea79786633c1ba0d:1731465879.778595"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
741
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Date
Wed, 20 Nov 2024 10:24:18 GMT
Content-Type
application/x-javascript
Last-Modified
Wed, 13 Nov 2024 02:44:39 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
sl.js
scout-cdn.salesloft.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scout-cdn.salesloft.com/sl.js
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

content-encoding
br
cf-cache-status
HIT
x-amz-version-id
6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
etag
W/"d74cc4825c8e333b2116da3fcc649db1"
age
6491
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 14:24:18 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
application/javascript
last-modified
Mon, 13 Dec 2021 16:28:37 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-amz-id-2
D4XGmA9Yo8wOVJjhqV7DFof1tngpyVDCLFKvmyPAnwzqeaa5NmvTyhUKdr1RN84MFzGRClK8GnI=
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=14400
x-amz-request-id
78AQGNAVNJTG2252
cf-ray
8e57bac50f90ed17-MXP
access-control-allow-origin
*
server
cloudflare
sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame F8D8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.mandiant.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
44927
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Nov 2024 21:55:31 GMT
expires
Wed, 19 Nov 2025 21:55:31 GMT
last-modified
Tue, 19 Nov 2024 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
r
scout.salesloft.com/ 		41 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDUwMDl9.GHpZgHyRyFl9iN7anlcbMbmW3chPCQZrSX98AJ7UjM8
Requested by
Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.164.183.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-183-91.compute-1.amazonaws.com
Software
/
Resource Hash
1cfea949b0b2925d27b84d56d18f2ea1c6b948fdf3ae95c534a14706043da178
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
6965ece44c8dc66744ec99bfcae521ac
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
https://www.mandiant.com
content-length
41
date
Wed, 20 Nov 2024 10:24:19 GMT
content-type
application/json; charset=utf-8
880805232811859
connect.facebook.net/signals/config/ 		69 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/880805232811859?v=2.9.177&r=stable&domain=www.mandiant.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
ed4f67a99930c51c4f6721e29d85845330bb34d8a78e5681d98a2ce78c33a06e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-PLfEpzEL' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-PLfEpzEL' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=35, rtx=0, c=77, mss=1232, tbw=70972, tp=67, tpl=0, uplat=153, ullat=0
pragma
public
x-fb-debug
jJR+R3l5DtD0/pCTRwblXo7Xwz//0Q1KJLB7HJfhkmWJcQqW1DxPZ6CG9QNSu1NCv0lAVuPIi/4ddrWbmkI7mg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
adsct
t.co/i/ 		43 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&dv=Europe%2FRome%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%268%2624%261600%261200%260%26na&eci=2&event_id=da9d3eb2-b8bb-4620-90a4-023cdab2ef7c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=eddc179a-a7b9-4941-80b1-78cdaa874980&tw_document_href=https%3A%2F%2Fwww.mandiant.com%2Fapt1.&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5b0k&type=javascript&version=2.3.31
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
92984b6655ae8167
cache-control
no-cache, no-store, max-age=0
x-connection-hash
ab6699782228c6325192ac9bfe45ed153b1612249149d98b144ecaec3c5ebafd
cf-cache-status
DYNAMIC
cf-ray
8e57bac61ff7383d-FRA
x-response-time
101
content-length
43
date
Wed, 20 Nov 2024 10:24:19 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_o
adsct
analytics.twitter.com/i/ 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&dv=Europe%2FRome%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%268%2624%261600%261200%260%26na&eci=2&event_id=da9d3eb2-b8bb-4620-90a4-023cdab2ef7c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=eddc179a-a7b9-4941-80b1-78cdaa874980&tw_document_href=https%3A%2F%2Fwww.mandiant.com%2Fapt1.&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5b0k&type=javascript&version=2.3.31
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
0780c22dbb498416
cache-control
no-cache, no-store, max-age=0
x-connection-hash
cc075c9488e610f0949320be4a75a450c2260d81f0f618e979185503c78fde68
x-response-time
181
content-length
43
date
Wed, 20 Nov 2024 10:24:18 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_o
collect
www.google-analytics.com/j/ 		3 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=730805514&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Fapt1.&ul=it-it&de=UTF-8&dt=404%20page%20%7C%20Mandiant&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAACAEK~&jid=783198359&gjid=2136028406&cid=219849932.1732098259&tid=UA-203244293-1&_gid=597180048.1732098259&_slc=1&gtm=45He4bj0n81T72STLDv849727317za200&cg1=null&cg2=apt1.&cd2=Pageview&cd3=1732098258640.ogtbn0l3&cd4=2024-11-20T11%3A24%3A18.640%2B01%3A00&cd5=&cd15=null&cd16=null&cd24=unknown&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cd1=219849932.1732098259&npa=1&z=1187433746
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.mandiant.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 10:24:18 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.mandiant.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
collect
stats.g.doubleclick.net/j/ 		1 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-203244293-1&cid=219849932.1732098259&jid=783198359&gjid=2136028406&_gid=597180048.1732098259&npa=1&_u=YGBAgEABAAAAAGAEK~&z=304767368
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.mandiant.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 10:24:18 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin
https://www.mandiant.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
attribution_trigger
px.ads.linkedin.com/ 		2 B
813 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=3460746&time=1732098258813&url=https%3A%2F%2Fwww.mandiant.com%2Fapt1.
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Referer
https://www.mandiant.com/

Response headers

x-li-pop
afd-prod-lva1-x
content-encoding
gzip
x-fs-uuid
000627558d708d97d299c91214713c2b
x-msedge-ref
Ref A: 86598846E06343489906CDFCB02447B1 Ref B: MIL30EDGE0916 Ref C: 2024-11-20T10:24:18Z
x-li-fabric
prod-lva1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYnVY1wjZfSmckSFHE8Kw==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
application/json
access-control-allow-headers
*
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1732098258813&url=https%3A%2F%2Fwww.mandiant.com%2Fapt1.
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1732098258813&url=https%3A%2F%2Fwww.mandiant.com%2Fapt1.&e_ipv6=AQIM-zM43E20NQAAAZNJGfgdghvQMqGv4r0NuEwpxTQDa4beFU0dejedMoe8y9sybzUGUw
0
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1732098258813&url=https%3A%2F%2Fwww.mandiant.com%2Fapt1.&e_ipv6=AQIM-zM43E20NQAAAZNJGfgdghvQMqGv4r0NuEwpxTQDa4beFU0dejedMoe8y9sybzUGUw
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-msedge-ref
Ref A: 2F8B5E03493445F6994EA0D917037A6E Ref B: MIL30EDGE1507 Ref C: 2024-11-20T10:24:19Z
x-li-fabric
prod-lor1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid
AAYnVY10/4DH0lyrovrjiQ==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1732098258813&url=https%3A%2F%2Fwww.mandiant.com%2Fapt1.&e_ipv6=AQIM-zM43E20NQAAAZNJGfgdghvQMqGv4r0NuEwpxTQDa4beFU0dejedMoe8y9sybzUGUw
x-msedge-ref
Ref A: A2954810C1A240F4BE9A4FF31271136E Ref B: MIL30EDGE1408 Ref C: 2024-11-20T10:24:18Z
x-li-fabric
prod-lor1
x-li-uuid
AAYnVY1xGiWig/Kehk3wKA==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Wed, 20 Nov 2024 10:24:18 GMT
modules.6f60e575cf8ad7cb10f7.js
script.hotjar.com/ 		222 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.6f60e575cf8ad7cb10f7.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3008912.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-74.fra56.r.cloudfront.net
Software
/
Resource Hash
f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

x-robots-tag
none
content-encoding
br
etag
"56b1b49a4bdc4c874445907df778d045"
age
1368260
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
GfemUOI9ddhhJDQeqFr--o23z9r1vYIX2_H0UE1dDxlK0-NvUt2NIg==
date
Mon, 04 Nov 2024 14:19:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 Nov 2024 14:19:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56128
x-amz-cf-pop
FRA56-P4
5870833.js
bat.bing.com/p/action/ 		363 B
421 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5870833.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:2::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4922a8859b315c354c23ad278e35483c6cf29aebf1c509c2c928c1f41634fe43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8AC17C3BED9A41938746B6C1270D2C05 Ref B: VIEEDGE3008 Ref C: 2024-11-20T10:24:18Z
x-cache
CONFIG_NOCACHE
date
Wed, 20 Nov 2024 10:24:18 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
Barlow-Regular.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Regular.woff2
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_h1q2B_doLTFU49BVA3banOUiQvUhjSk_gVhGqw0JNs0.css?delta=1&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0380bb63086ed7ff7a6f86070c636c084859bbdbf663e6bb9eb2d7cf1983095
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.mandiant.com
Referer
https://www.mandiant.com/sites/default/files/css/css_h1q2B_doLTFU49BVA3banOUiQvUhjSk_gVhGqw0JNs0.css?delta=1&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ

Response headers

x-request-id
v-314db878-a271-11ef-b5cb-4f5dc67fef76
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 10:24:19 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:19 GMT
content-type
font/woff2
last-modified
Wed, 13 Nov 2024 11:03:00 GMT
vary
Accept-Encoding
x-cache-hits
4551
cache-control
public, max-age=1209600
x-ah-environment
prod
via
varnish
cf-ray
8e57bac6087a3762-MXP
accept-ranges
bytes
content-length
56020
server
cloudflare
PTMono-Regular.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/mono/ 		71 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/mono/PTMono-Regular.woff2
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_h1q2B_doLTFU49BVA3banOUiQvUhjSk_gVhGqw0JNs0.css?delta=1&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31978b5f4450c646afc351088b55c480c24f345c567b42179b3e7dcb1aa4727d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.mandiant.com
Referer
https://www.mandiant.com/sites/default/files/css/css_h1q2B_doLTFU49BVA3banOUiQvUhjSk_gVhGqw0JNs0.css?delta=1&language=en&theme=mandiant_theme&include=eJxljVsOwzAIBC_kliNZBJPUim0iII18-1p9pJX6gwbEzs6i1fNmML8hYEou2Dp84DqrNA-0m0uNlVNG-F0imQXr5lxhQuNQsY1z8-g3rgxLG-qLeS9sgdYRcdGIRKIpS4OTXkXc0tegTLg53RBOinn8LIo-Ej9VB-NqsKksymZxQg0Fu-weUzaSO2sHaUxSwj3zYfCc1yppL_znWfK_-8jKs2LlB8zlelQ

Response headers

x-request-id
v-3149a918-a271-11ef-844b-ab99ca4e61a1
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 10:24:19 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:19 GMT
content-type
font/woff2
last-modified
Wed, 13 Nov 2024 11:03:00 GMT
vary
Accept-Encoding
x-cache-hits
4518
cache-control
public, max-age=1209600
x-ah-environment
prod
via
varnish
cf-ray
8e57bac6087c3762-MXP
accept-ranges
bytes
content-length
72380
server
cloudflare
munchkin.js
munchkin.marketo.net/164/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/164/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.43.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-43-106.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
dea9df0145848ffeb3c6931228d41e833341b4837c0e713d321c5bfcf6dcd4e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

Cache-Control
max-age=8640000
Content-Encoding
gzip
ETag
"756f9116836f579d12be8fe786b69d98:1726632111.60799"
Connection
keep-alive
Expires
Fri, 28 Feb 2025 10:24:18 GMT
Accept-Ranges
bytes
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Length
4843
Date
Wed, 20 Nov 2024 10:24:18 GMT
Content-Type
application/x-javascript
Last-Modified
Wed, 18 Sep 2024 04:01:51 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=880805232811859&ev=PageView&dl=https%3A%2F%2Fwww.mandiant.com%2Fapt1.&rl=&if=false&ts=1732098258997&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4125&fbp=fb.1.1732098258996.987034267823232500&ler=empty&cdl=API_unavailable&it=1732098258773&coo=false&tm=1&rqm=GET
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=50, rtx=0, c=23, mss=1232, tbw=4463, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 20 Nov 2024 10:24:19 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=880805232811859&ev=PageView&dl=https%3A%2F%2Fwww.mandiant.com%2Fapt1.&rl=&if=false&ts=1732098258997&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4125&fbp=fb.1.1732098258996.987034267823232500&ler=empty&cdl=API_unavailable&it=1732098258773&coo=false&tm=1&rqm=FGET
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439305376610712825"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 10:24:19 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
nKTB8wupZi949b8JxI8Nf0V2Mc2RMOhkK9MshFn3/fHQV9pnAiSEMpzADVeM1Qc4xTldSKHT4NGX35XlnPi6iA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439305376610712825", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=46, rtx=0, c=23, mss=1232, tbw=4831, tp=13, tpl=0, uplat=174, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
visitWebPage
565-pei-952.mktoresp.com/webevents/ 		2 B
318 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://565-pei-952.mktoresp.com/webevents/visitWebPage?_mchNc=1732098259002&_mchCn=&_mchId=565-PEI-952&_mchTk=_mch-mandiant.com-56095386a96bd1fcd7c77e7a949a38b&_mchHo=www.mandiant.com&_mchPo=&_mchRu=%2Fapt1.&_mchPc=https%3A&_mchVr=164&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/164/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

Transfer-Encoding
chunked
X-Request-Id
5e16e9ea-4f11-43a5-b7b5-29da207d1454
Content-Encoding
gzip
Connection
keep-alive
Access-Control-Allow-Origin
*
Date
Wed, 20 Nov 2024 10:24:19 GMT
Content-Type
text/plain; charset=UTF-8
Server
nginx/1.20.1
974.bundle.js
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/974.bundle.js?ed9f0d
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_HIATwPiGJtSO1S2pcEIK1x9Zc5fDNclwK_vTn6Nfk7c.js?scope=footer&delta=4&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJfv3wXF3Ias1L2uH_IWAKbmiPOEHp2wqHujWXVtsnArCfojUe2goA8WjL9wYZhlx0-Wwv7N5IbxOjuceqA6_q0UkUktFBTb6tLKkf4Qx4eq0IGwUy7iZDX04dl0PxtqhoVV2je_XDuJc5AVGFGPH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
201492c149f68b701455a2d046549a318a76ed5bca4ab13ebd913dbd14710246
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

x-request-id
v-9248a84a-a271-11ef-a728-9391c12cc4d4
content-encoding
gzip
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 10:24:19 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:19 GMT
content-type
application/javascript
last-modified
Wed, 13 Nov 2024 11:03:00 GMT
vary
Accept-Encoding
x-cache-hits
4040
cache-control
public, max-age=1209600
x-ah-environment
prod
via
varnish
cf-ray
8e57bac749ba3762-MXP
accept-ranges
bytes
content-length
3375
server
cloudflare
404.bundle.js
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 		406 B
365 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/404.bundle.js?2c5f80
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_HIATwPiGJtSO1S2pcEIK1x9Zc5fDNclwK_vTn6Nfk7c.js?scope=footer&delta=4&language=en&theme=mandiant_theme&include=eJxlj-EOwjAIhF-ok0dqkNKt1sJCUePbW6POJfv3wXF3Ias1L2uH_IWAKbmiPOEHp2wqHujWXVtsnArCfojUe2goA8WjL9wYZhlx0-Wwv7N5IbxOjuceqA6_q0UkUktFBTb6tLKkf4Qx4eq0IGwUy7iZDX04dl0PxtqhoVV2je_XDuJc5AVGFGPH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2cb383a30bee467e40ecebb49e4229b1b57efcc2c7632c921cd170a75c74d24
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

x-request-id
v-314fdef0-a271-11ef-99fb-af4b0a47852d
content-encoding
gzip
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 10:24:19 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:19 GMT
content-type
application/javascript
last-modified
Wed, 13 Nov 2024 11:03:00 GMT
vary
Accept-Encoding
x-cache-hits
4020
cache-control
public, max-age=1209600
x-ah-environment
prod
via
varnish
cf-ray
8e57bac749bb3762-MXP
accept-ranges
bytes
content-length
263
server
cloudflare
i
scout.salesloft.com/ 		48 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://scout.salesloft.com/i
Requested by
Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.164.183.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-183-91.compute-1.amazonaws.com
Software
/
Resource Hash
7c66e56b7542fb527aa4df6446f8bef5cc75dc4caf5a7d3dc24e18d9c02ba8b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
7e001da50ef370cc3234d0d37688969a
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
https://www.mandiant.com
content-length
48
date
Wed, 20 Nov 2024 10:24:19 GMT
content-type
application/json; charset=utf-8
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-X6642ZTDJ7&gtm=45je4bj0v883779794z8849727317za200zb849727317&_p=1732098258337&_gaz=1&gcs=G111&gcd=13t3tPl2l5l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=219849932.1732098259&ul=it-it&sr=1600x1200&_ng=1&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1732098258&sct=1&seg=0&dl=https%3A%2F%2Fwww.mandiant.com%2Fapt1.&dt=404%20page%20%7C%20Mandiant&en=page_view&_fv=1&_ss=1&tfd=2656
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c&gtm=45He4bj0v849727317za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.mandiant.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 10:24:19 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-X6642ZTDJ7&cid=219849932.1732098259&gtm=45je4bj0v883779794z8849727317za200zb849727317&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3tPl2l5l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c&gtm=45He4bj0v849727317za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.mandiant.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 10:24:19 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.it/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-X6642ZTDJ7&cid=219849932.1732098259&gtm=45je4bj0v883779794z8849727317za200zb849727317&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3tPl2l5l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=49049624
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 20 Nov 2024 10:24:19 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
px.ads.linkedin.com/wa/ 		0
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-msedge-ref
Ref A: 01BFBE5B57E648BC8D49FA8AA4F2B84B Ref B: MIL30EDGE1408 Ref C: 2024-11-20T10:24:19Z
x-li-fabric
prod-lor1
access-control-allow-credentials
true
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid
AAYnVY14HzhCx4AjaEzhiQ==
x-li-proto
http/2
access-control-allow-origin
https://www.mandiant.com
x-cache
CONFIG_NOCACHE
date
Wed, 20 Nov 2024 10:24:19 GMT
vary
Origin
2a.json
www.gstatic.com/glue/cookienotificationbar/config/ 		565 B
259 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/glue/cookienotificationbar/config/2a.json?hl=en
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/glue/cookienotificationbar/cookienotificationbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
4a1219bb93172ab2e619d91e27a6995f6ff6aa9d990225f1b32ded076713ecc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

content-encoding
br
report-to
{"group":"uxe-owners-acl/gstatic","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/gstatic"}]}
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 10:24:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 10:24:19 GMT
content-type
application/json
vary
Accept-Encoding
last-modified
Thu, 25 Jul 2024 10:08:00 GMT
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/gstatic
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="uxe-owners-acl/gstatic"
content-length
233
x-xss-protection
0
server
sffe
0
bat.bing.com/action/ 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5870833&tm=gtm002&Ver=2&mid=74a52023-a351-4859-a0c9-1b5c153a2b3f&bo=1&sid=9a29b7d0a72911efb3d2f99c61d3a2f3&vid=9a29cbe0a72911efa7faeb0990fccfce&vids=1&msclkid=N&pi=918639831&lg=it-IT&sw=1600&sh=1200&sc=24&tl=404%20page%20%7C%20Mandiant&p=https%3A%2F%2Fwww.mandiant.com%2Fapt1.&r=&lt=2769&evt=pageLoad&sv=1&cdb=AQAQ&rn=341383
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:2::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7A53D12EEAC043D6869B521C8842F8FB Ref B: VIEEDGE3008 Ref C: 2024-11-20T10:24:19Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Wed, 20 Nov 2024 10:24:18 GMT
5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
fonts.gstatic.com/s/googlesanstext/v22/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Google+Sans+Text:wght@400&family=Google+Sans:wght@500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
97399a2914c593da2895d9729aa0170a1956e91ee54cf7550696691949558a37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.mandiant.com
Referer
https://fonts.googleapis.com/

Response headers

age
585223
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:50:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:50:36 GMT
last-modified
Wed, 31 Jul 2024 20:31:46 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15996
x-xss-protection
0
server
sffe
4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyk.woff2
fonts.gstatic.com/s/googlesans/v62/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v62/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Google+Sans+Text:wght@400&family=Google+Sans:wght@500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
361d8bdea950bdc0beb5f7136f014286ac6b13bfa995db3068f5f0ff2fbc86d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.mandiant.com
Referer
https://fonts.googleapis.com/

Response headers

age
108787
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 19 Nov 2025 04:11:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 04:11:12 GMT
last-modified
Tue, 29 Oct 2024 18:38:00 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23544
x-xss-protection
0
server
sffe
6si.min.js
j.6sc.co/ 		68 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/apt1.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-18-64-90.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
56df5bf2317bc2156b954c3fd2913afcce23eb4947c47f3ac401017dc4a0151d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

cache-control
private, proxy-revalidate, max-age=10800
content-encoding
gzip
etag
"66fb91ae-111d7"
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 13:24:19 GMT
accept-ranges
bytes
content-length
18830
date
Wed, 20 Nov 2024 10:24:19 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
last-modified
Tue, 01 Oct 2024 06:07:42 GMT
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=730805514&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Fapt1.&ul=it-it&de=UTF-8&dt=404%20page%20%7C%20Mandiant&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=page%20scroll&ea=25%25&el=%2Fapt1.&_u=aGDAgEABAAAAAGAEK~&jid=&gjid=&cid=219849932.1732098259&tid=UA-203244293-1&_gid=597180048.1732098259&gtm=45He4bj0n81T72STLDv849727317za200&cg1=null&cg2=apt1.&cd2=Event&cd3=1732098259616.ml84vjtg&cd4=2024-11-20T11%3A24%3A19.616%2B01%3A00&cd5=&cd15=null&cd16=null&cd24=unknown&gcd=13t3t3l2l5l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cd1=219849932.1732098259&gcs=G111&npa=1&z=215499503
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

age
13032
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 06:47:07 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=730805514&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Fapt1.&ul=it-it&de=UTF-8&dt=404%20page%20%7C%20Mandiant&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=page%20scroll&ea=50%25&el=%2Fapt1.&_u=aGDAgEABAAAAAGAEK~&jid=&gjid=&cid=219849932.1732098259&tid=UA-203244293-1&_gid=597180048.1732098259&gtm=45He4bj0n81T72STLDv849727317za200&cg1=null&cg2=apt1.&cd2=Event&cd3=1732098259621.qzg16549&cd4=2024-11-20T11%3A24%3A19.621%2B01%3A00&cd5=&cd15=null&cd16=null&cd24=unknown&gcd=13t3t3l2l5l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cd1=219849932.1732098259&gcs=G111&npa=1&z=1275746749
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

age
13032
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 06:47:07 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
favicon.ico
www.mandiant.com/themes/custom/mandiant_theme/ 		1 KB
841 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
991f07c09318fec5dca99d822bf34a410dc3585a3e230eecf1bed04fe7a9fb1f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

x-request-id
v-8b7082ea-a271-11ef-a507-bbeb691e6dc1
content-encoding
gzip
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 10:24:20 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:20 GMT
content-type
image/vnd.microsoft.icon
last-modified
Wed, 13 Nov 2024 11:03:00 GMT
vary
Accept-Encoding
x-cache-hits
2285
cache-control
public, max-age=1209600
x-ah-environment
prod
via
varnish
cf-ray
8e57bacb3d1f3762-MXP
server
cloudflare
/
c.6sc.co/ 		7 B
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-18-64-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.mandiant.com
content-length
7
date
Wed, 20 Nov 2024 10:24:19 GMT
content-type
text/html
access-control-allow-headers
*
/
ipv6.6sc.co/ 		18 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv6.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:22::1726:62ee Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
0d8bdaf340a6bf26f056593ec3935060ed3aa27c8a44fd4bbca842b64212435e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

cache-control
max-age=0, no-cache, no-store
pragma
no-cache
6si-ipv6
2001:ac8:24:44::15
expires
Wed, 20 Nov 2024 10:24:19 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1732098259872_389993773_53206666_30_1528_33_51_219";dur=1
access-control-allow-origin
https://www.mandiant.com
content-length
18
date
Wed, 20 Nov 2024 10:24:19 GMT
content-type
text/html
vary
Origin
img.gif
b.6sc.co/v1/beacon/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=627b22264f359a2be8e661bd05849ae6&svisitor=null&visitor=c2c1fab9-7de8-4a3c-87f3-6bbac337b94c&session=0a88c4ec-8ea2-47b9-84f4-0397d811753c&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2020%20Nov%202024%2010%3A24%3A19%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22404%20page%20%7C%20Mandiant%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.mandiant.com%2Fapt1.&pageViewId=6984a448-4ae9-4b75-863a-f31b626dcba0&v=1.1.29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-18-64-90.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"60bb2e15-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 10:24:19 GMT
accept-ranges
bytes
content-length
43
date
Wed, 20 Nov 2024 10:24:19 GMT
content-type
image/gif
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=627b22264f359a2be8e661bd05849ae6&svisitor=null&visitor=c2c1fab9-7de8-4a3c-87f3-6bbac337b94c&session=0a88c4ec-8ea2-47b9-84f4-0397d811753c&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2020%20Nov%202024%2010%3A24%3A19%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22627b22264f359a2be8e661bd05849ae6%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2020%20Nov%202024%2010%3A24%3A19%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2020%20Nov%202024%2010%3A24%3A19%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2020%20Nov%202024%2010%3A24%3A19%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22404%20page%20%7C%20Mandiant%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.mandiant.com%2Fapt1.&pageViewId=6984a448-4ae9-4b75-863a-f31b626dcba0&v=1.1.29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-18-64-90.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"615ccf10-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 10:24:19 GMT
accept-ranges
bytes
content-length
43
date
Wed, 20 Nov 2024 10:24:19 GMT
content-type
image/gif
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=627b22264f359a2be8e661bd05849ae6&svisitor=null&visitor=c2c1fab9-7de8-4a3c-87f3-6bbac337b94c&session=0a88c4ec-8ea2-47b9-84f4-0397d811753c&event=ipv6&q=%7B%22address%22%3A%222001%3Aac8%3A24%3A44%3A%3A15%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22404%20page%20%7C%20Mandiant%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.mandiant.com%2Fapt1.&pageViewId=6984a448-4ae9-4b75-863a-f31b626dcba0&ipv6=2001%3Aac8%3A24%3A44%3A%3A15&v=1.1.29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-18-64-90.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"63f020a0-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 10:24:20 GMT
accept-ranges
bytes
content-length
43
date
Wed, 20 Nov 2024 10:24:20 GMT
content-type
image/gif
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
favicon-32x32.png
www.mandiant.com/themes/custom/mandiant_theme/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8c15bf40027758425d75a74815689d6144f94c2d7ae1eacaba0d158bd8a077f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

x-request-id
v-3a5de6a4-a271-11ef-b14c-0fee958a34f3
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 10:24:20 GMT
x-cache
HIT
date
Wed, 20 Nov 2024 10:24:20 GMT
content-type
image/png
last-modified
Wed, 13 Nov 2024 11:03:00 GMT
vary
Accept-Encoding
x-cache-hits
1808
cache-control
public, max-age=1209600
x-ah-environment
prod
via
varnish
cf-ray
8e57bace0fd33762-MXP
accept-ranges
bytes
content-length
2029
server
cloudflare
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=627b22264f359a2be8e661bd05849ae6&svisitor=null&visitor=c2c1fab9-7de8-4a3c-87f3-6bbac337b94c&session=0a88c4ec-8ea2-47b9-84f4-0397d811753c&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2020%20Nov%202024%2010%3A24%3A20%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2020%20Nov%202024%2010%3A24%3A19%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%221003%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22404%20page%20%7C%20Mandiant%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.mandiant.com%2Fapt1.&pageViewId=6984a448-4ae9-4b75-863a-f31b626dcba0&ipv6=2001%3Aac8%3A24%3A44%3A%3A15&v=1.1.29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-18-64-90.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"5e502810-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 10:24:20 GMT
accept-ranges
bytes
content-length
43
date
Wed, 20 Nov 2024 10:24:20 GMT
content-type
image/gif
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
anchor
www.google.com/recaptcha/api2/ Frame 0C30 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=it&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=qp3ox4z3nzsq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__it.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6hI4CktciD7RqLNd37k5HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mandiant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-6hI4CktciD7RqLNd37k5HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Nov 2024 10:24:21 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame 17B5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=it&v=pPK749sccDmVW_9DSeTMVvh2&size=compact&cb=t03fd0jh2me3
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__it.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-D_v8NyqiBroPdZA2W0AkVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mandiant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-D_v8NyqiBroPdZA2W0AkVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Nov 2024 10:24:21 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=627b22264f359a2be8e661bd05849ae6&svisitor=null&visitor=c2c1fab9-7de8-4a3c-87f3-6bbac337b94c&session=0a88c4ec-8ea2-47b9-84f4-0397d811753c&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2020%20Nov%202024%2010%3A24%3A21%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2020%20Nov%202024%2010%3A24%3A20%20GMT%22%2C%22timeSpent%22%3A%221014%22%2C%22totalTimeSpent%22%3A%222017%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22404%20page%20%7C%20Mandiant%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.mandiant.com%2Fapt1.&pageViewId=6984a448-4ae9-4b75-863a-f31b626dcba0&ipv6=2001%3Aac8%3A24%3A44%3A%3A15&v=1.1.29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-18-64-90.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"5e502810-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 10:24:21 GMT
accept-ranges
bytes
content-length
43
date
Wed, 20 Nov 2024 10:24:21 GMT
content-type
image/gif
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
bframe
www.google.com/recaptcha/api2/ Frame AEBF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=it&v=pPK749sccDmVW_9DSeTMVvh2&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__it.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YsDHjvjjupe_vhQisQrPFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mandiant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-YsDHjvjjupe_vhQisQrPFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Nov 2024 10:24:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
bframe
www.google.com/recaptcha/api2/ Frame 2D2A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=it&v=pPK749sccDmVW_9DSeTMVvh2&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__it.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7-fnxj_W1IYbCx4uZ3VlDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mandiant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-7-fnxj_W1IYbCx4uZ3VlDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Nov 2024 10:24:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=627b22264f359a2be8e661bd05849ae6&svisitor=null&visitor=c2c1fab9-7de8-4a3c-87f3-6bbac337b94c&session=0a88c4ec-8ea2-47b9-84f4-0397d811753c&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2020%20Nov%202024%2010%3A24%3A22%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2020%20Nov%202024%2010%3A24%3A21%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223018%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22404%20page%20%7C%20Mandiant%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.mandiant.com%2Fapt1.&pageViewId=6984a448-4ae9-4b75-863a-f31b626dcba0&ipv6=2001%3Aac8%3A24%3A44%3A%3A15&v=1.1.29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-18-64-90.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"63f020a0-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 10:24:22 GMT
accept-ranges
bytes
content-length
43
date
Wed, 20 Nov 2024 10:24:22 GMT
content-type
image/gif
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
img.gif
b.6sc.co/v1/beacon/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=627b22264f359a2be8e661bd05849ae6&svisitor=null&visitor=c2c1fab9-7de8-4a3c-87f3-6bbac337b94c&session=0a88c4ec-8ea2-47b9-84f4-0397d811753c&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2020%20Nov%202024%2010%3A24%3A23%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2020%20Nov%202024%2010%3A24%3A22%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224019%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22404%20page%20%7C%20Mandiant%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.mandiant.com%2Fapt1.&pageViewId=6984a448-4ae9-4b75-863a-f31b626dcba0&ipv6=2001%3Aac8%3A24%3A44%3A%3A15&v=1.1.29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-18-64-90.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.mandiant.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"60bb2e15-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 10:24:23 GMT
accept-ranges
bytes
content-length
43
date
Wed, 20 Nov 2024 10:24:23 GMT
content-type
image/gif
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| a2a_config object| script object| dataLayer function| once function| jQuery object| drupalSettings object| Drupal object| a2a function| a2a_init object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data function| twq string| _linkedin_data_partner_id function| fbq function| _fbq object| _fbq_gtm_ids string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| gtag string| SLScoutObject function| slscout object| recaptcha function| onYouTubeIframeAPIReady object| regeneratorRuntime object| twttr object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled function| UET function| UET_init function| UET_push object| ueto_e65c62e290 object| uetq function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| MunchkinTracker function| ScrollReveal function| drawTimer function| stoppie object| owl function| isInViewport object| webpackChunk function| setImmediate function| clearImmediate object| lazySizes object| AOS object| google function| onVidyardAPI object| ORIBILI object| module$exports$google3$marketing$glue$lib$cookienotificationbar$cdn object| glue function| glueCookieNotificationBarLoaded function| CaptchaCallback object| _6si object| closure_lm_984289

25 Cookies

Domain/Path Name / Value
.mandiant.com/ Name: __cf_bm
Value: oMWTTyq3HgdV.xKfyKJ52FkmBnv7oK5UH4BbaS00mQA-1732098257-1.0.1.1-kDMkksWHxUaLGmV_3sz6u.MeB2RzMFm0EWGc7Zz0z8DGjXCDoS46E.rEc.JyN.8ifo65TCjWUi9NR1hlHpBDeQ
.mandiant.com/ Name: _cfuvid
Value: uhxlMksMb2loPV7H5HOfXK3ezJMpxCEcHShVsS41a7E-1732098257282-0.0.1.1-604800000
.mandiant.com/ Name: _gcl_au
Value: 1.1.1053429026.1732098259
.mandiant.com/ Name: _gid
Value: GA1.2.597180048.1732098259
.mandiant.com/ Name: _dc_gtm_UA-203244293-1
Value: 1
.mandiant.com/ Name: _fbp
Value: fb.1.1732098258996.987034267823232500
.mandiant.com/ Name: _mkto_trk
Value: id:565-PEI-952&token:_mch-mandiant.com-56095386a96bd1fcd7c77e7a949a38b
.t.co/ Name: muc_ads
Value: 124b277e-b9eb-4046-a988-1bef615aca4d
.t.co/ Name: __cf_bm
Value: sRdJ1cOIQ.qSjzD3vKdQv05XfuRVbL.KBUKCZA532k8-1732098259-1.0.1.1-RZNiYbuIBUk2i0SvQb4oBt04ObbrRfP7uXs22YUzYYb0QeNRPuHBZqSXMpMVGFFht2DYdMj9wSXguZjhGV2_Lw
.linkedin.com/ Name: bcookie
Value: "v=2&7b9743b7-1e96-4e04-8d3d-eb805e7e6d6c"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MzIwOTgyNTg7MjswMjEyGyU41/gEOKfwuxqxB9K5+BVyXjZlq8I/5kkiWCtvLQ==
.linkedin.com/ Name: lidc
Value: "b=OGST06:s=O:r=O:a=O:p=O:g=3132:u=1:x=1:i=1732098258:t=1732184658:v=2:sig=AQGidsKcS8quUxLUlQvd33aZPnwIMh2j"
www.mandiant.com/ Name: slireg
Value: https://scout.us3.salesloft.com
.twitter.com/ Name: personalization_id
Value: "v1_CfBBGFXU755yPK7041QKXA=="
www.mandiant.com/ Name: sliguid
Value: 7358eaf0-6f89-4060-aa5c-aaa6820781fb
www.mandiant.com/ Name: slirequested
Value: true
.mandiant.com/ Name: _hjSessionUser_3008912
Value: eyJpZCI6ImEyNWM0MjA0LWM3NjktNTg3OC1iY2I4LTQwMGQ1NzM5MWM3OSIsImNyZWF0ZWQiOjE3MzIwOTgyNTkzNjUsImV4aXN0aW5nIjpmYWxzZX0=
.mandiant.com/ Name: _hjSession_3008912
Value: eyJpZCI6ImEzZjE3MDUwLTY1MTItNGRkZC05ZDc1LTc4OTUxOTE2MjY2NiIsImMiOjE3MzIwOTgyNTkzNjYsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.mandiant.com/ Name: _uetsid
Value: 9a29b7d0a72911efb3d2f99c61d3a2f3
.mandiant.com/ Name: _uetvid
Value: 9a29cbe0a72911efa7faeb0990fccfce
.mandiant.com/ Name: _ga_X6642ZTDJ7
Value: GS1.1.1732098258.1.0.1732098259.59.0.0
.bing.com/ Name: MUID
Value: 2B1C95AAA1BD6EFE128E8097A0C56F19
.mandiant.com/ Name: _ga
Value: GA1.2.219849932.1732098259
www.mandiant.com/ Name: _gd_visitor
Value: c2c1fab9-7de8-4a3c-87f3-6bbac337b94c
www.mandiant.com/ Name: _gd_session
Value: 0a88c4ec-8ea2-47b9-84f4-0397d811753c

1 Console Messages

Source Level URL
Text
network error URL: https://www.mandiant.com/apt1.
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy report-uri /report-csp-violation
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

565-pei-952.mktoresp.com
analytics.twitter.com
b.6sc.co
bat.bing.com
c.6sc.co
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
ipv6.6sc.co
j.6sc.co
munchkin.marketo.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
scout-cdn.salesloft.com
scout.salesloft.com
script.hotjar.com
snap.licdn.com
static.addtoany.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.it
www.googletagmanager.com
www.gstatic.com
www.mandiant.com
104.102.43.106
104.17.24.14
104.244.42.131
13.107.42.14
142.250.184.238
142.250.185.131
142.250.186.35
146.75.120.157
157.240.251.35
157.240.252.13
172.66.0.227
172.67.39.148
18.66.102.106
192.28.144.124
2.18.64.90
2001:4860:4802:34::36
216.58.206.68
2606:4700:300b::a29f:f07d
2606:4700::6810:4769
2620:1ec:21::14
2620:1ec:33:2::10
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:812::2008
2a00:1450:4001:831::200e
2a00:1450:400c:c07::9d
2a02:26f0:480:15::213:7e4a
2a02:26f0:480:22::1726:62ee
52.222.236.74
54.164.183.91
01c01d63342cac254b208036c2212d48d5a1451031869c85e3849f4066e228ad
0570581bf787cbb4a26d1508cf4ed96ef19d1a2465df5b9d5c4003813a2ebd35
08b4a10865f0c3f01aed6b14a4cec5a676aed7c899c6f3e60e0edbb4dfed0f71
09278f5e4175344bf9f92b8e2e7be3940da6ae4c067c21e66ea676fa8be58bee
0b617a1a9d405a304eae1f3337639a1be619633a047ccac0a61d70cf2d2032e4
0d8bdaf340a6bf26f056593ec3935060ed3aa27c8a44fd4bbca842b64212435e
0f2e61cd1a10aebb0eae1a2f6914784a4d9be90a46b1c67700311d0f66d3e379
106d831faf1f75672b7ef418ed23d93bb3a7295733bbad03860546bb33cd121d
1cfea949b0b2925d27b84d56d18f2ea1c6b948fdf3ae95c534a14706043da178
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
201492c149f68b701455a2d046549a318a76ed5bca4ab13ebd913dbd14710246
213ad0a7060614a596a3e70daac959dccfa9569e82363f6e0c6346d3b7ed87aa
21c3353df6df2eb5682feec3ffd3013bfbfd4b8b9d2fca7e60540ce88d055240
2471f4232ccca845a9da8b10e5be81e7323faa5891b9715f425661505f183434
31978b5f4450c646afc351088b55c480c24f345c567b42179b3e7dcb1aa4727d
361d8bdea950bdc0beb5f7136f014286ac6b13bfa995db3068f5f0ff2fbc86d5
372dcb604072be98f12e6b48ecf53aa4238767fb34cc47723eeb3fc5552a65d0
3e308f369044d013615a3c411c2677ad9a9b2b0fc8b2a02a708b810dfb4a94c6
40c1436cb0e94370dee18db4f09e3eb8e199713919adb33295536e6c26d9b74d
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4922a8859b315c354c23ad278e35483c6cf29aebf1c509c2c928c1f41634fe43
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
4a1219bb93172ab2e619d91e27a6995f6ff6aa9d990225f1b32ded076713ecc3
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56df5bf2317bc2156b954c3fd2913afcce23eb4947c47f3ac401017dc4a0151d
5f4d0b5cd0c7c7bc630b26cfa289a0354c02530d549d4a99d7d7b0b578ff2838
66931290678a936e758497a169524872d7b65480eb69a57e57c187068a7b2986
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7c66e56b7542fb527aa4df6446f8bef5cc75dc4caf5a7d3dc24e18d9c02ba8b5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8782c1af4382d209058d9ce5fd96134666876fae2c4bf1683718787525cba33e
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8e72f9df72eddef9a75aa93b0972c35491bab52d65c32714fe004b75bd7b5271
94d72b6115a7a2e45a0adc1bc322f60d83befdda162d52e791ce6f575995d227
97399a2914c593da2895d9729aa0170a1956e91ee54cf7550696691949558a37
991f07c09318fec5dca99d822bf34a410dc3585a3e230eecf1bed04fe7a9fb1f
a2091f1ff92cc073e178dca31707853e0cc6cd913a5344a8978f040fa373efa6
a69d14f4a9ac8af3b5d72f5762514a5d6f5531418aff63380617f564a4c8ea57
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
abeb66ecee551f641a926c278b376ecbd0980b81e726874919c7580657931f80
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b2cb383a30bee467e40ecebb49e4229b1b57efcc2c7632c921cd170a75c74d24
b5322df8f132fa12f87f440c208fa473acaa4544e0b136024a2a564c3b11948b
c8c15bf40027758425d75a74815689d6144f94c2d7ae1eacaba0d158bd8a077f
cf5e7b9e8baddcbb071e1a25a27c2879b4c0a571377c6525968c4f5b920a03eb
d0380bb63086ed7ff7a6f86070c636c084859bbdbf663e6bb9eb2d7cf1983095
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea9df0145848ffeb3c6931228d41e833341b4837c0e713d321c5bfcf6dcd4e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9474894bf64b11c40884f83b0ba6888635bf90bfaae11db1944d99771f1c820
ed4f67a99930c51c4f6721e29d85845330bb34d8a78e5681d98a2ce78c33a06e
ee850414eeda54e00bc2258e2f93f711f3af0df8b70ceff0eac2fa31963dd93a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7
f11b59029aa57b52e4d5a99995674982b2c497e7719a7e4dc5d342b182b29082
f8914b020e2c78fe86ca14198095455139f08047b8b52ab69003cb5af35cbbc0
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a