login.mandiant.com Open in urlscan Pro
2606:4700:300b::a29f:f07d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://advantage.mandiant.com/
Effective URL:
https://login.mandiant.com/
Submission: On February 23 via manual (February 23rd 2022, 8:16:01 am UTC) from IL — Scanned from DE

Summary HTTP 75 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 75 HTTP transactions. The main IP is 2606:4700:300b::a29f:f07d, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.mandiant.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 4th 2021. Valid for: a year.

This is the only time login.mandiant.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 26	2606:4700:300... 2606:4700:300b::a29f:f07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2600:9000:214... 2600:9000:214f:6400:d:5b57:f7c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
7	35.224.119.111 35.224.119.111	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	35.190.35.221 35.190.35.221	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:24e... 2600:1f18:24e6:b900:a59b:777e:81ed:2bd8	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2606:4700:300... 2606:4700:300b::a29f:f67d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
75	9

26 2606:4700:300b::a29f:f07d (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

advantage.mandiant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px-sdk.mandiant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.mandiant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2600:9000:214f:6400:d:5b57:f7c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

mf-packages.mandiant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.224.119.111 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 111.119.224.35.bc.googleusercontent.com

px-esp.mandiant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.35.221 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 221.35.190.35.bc.googleusercontent.com

web-sdk.aptrinsic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b900:a59b:777e:81ed:2bd8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:300b::a29f:f67d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

auth.fireeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	mandiant.com 2 redirects advantage.mandiant.com mf-packages.mandiant.com px-sdk.mandiant.com px-esp.mandiant.com login.mandiant.com	8 MB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	fireeye.com 1 redirects auth.fireeye.com	2 KB
2	datadoghq.com rum-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 2816	251 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	157 KB
1	aptrinsic.com web-sdk.aptrinsic.com — Cisco Umbrella Rank: 6458	12 KB
75	6

	Domain	Requested by
27	mf-packages.mandiant.com	advantage.mandiant.com mf-packages.mandiant.com
19	login.mandiant.com	2 redirects mf-packages.mandiant.com login.mandiant.com
7	www.google-analytics.com	www.googletagmanager.com
7	px-esp.mandiant.com	mf-packages.mandiant.com
6	advantage.mandiant.com	advantage.mandiant.com mf-packages.mandiant.com
2	auth.fireeye.com	1 redirects mf-packages.mandiant.com
2	rum-http-intake.logs.datadoghq.com	mf-packages.mandiant.com
2	www.googletagmanager.com	advantage.mandiant.com www.googletagmanager.com
1	web-sdk.aptrinsic.com	px-sdk.mandiant.com
1	px-sdk.mandiant.com	mf-packages.mandiant.com
75	10

This site contains no links.

Subject Issuer	Validity	Valid
mandiant.com Cloudflare Inc ECC CA-3	`2021-11-04` - `2022-11-03`	a year	crt.sh
mf-packages.mandiant.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-10` - `2022-08-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
px-esp.mandiant.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-10` - `2022-05-18`	a year	crt.sh
*.aptrinsic.com GeoTrust RSA CA 2018	`2021-03-17` - `2022-04-17`	a year	crt.sh
*.logs.datadoghq.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-31` - `2022-05-31`	2 years	crt.sh
fireeye.com Cloudflare Inc ECC CA-3	`2021-12-07` - `2022-12-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.mandiant.com/
Frame ID: 35C3D1ECA28D6A3CE21860FDE8C38FD9
Requests: 75 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://advantage.mandiant.com/ Page URL
https://auth.fireeye.com/as/authorization.oauth2?audience=&client_id=nautilusui&redirect_uri=https%3A... HTTP 302
https://login.mandiant.com/ping/signin?resumePath=%2Fas%2FQ4NFp%2Fresume%2Fas%2Fauthorization.ping&allo... HTTP 302
https://login.mandiant.com/ping/signin HTTP 302
https://login.mandiant.com/ Page URL

Detected technologies

amCharts (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

amcharts.*\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

75
Requests

95 %
HTTPS

75 %
IPv6

6
Domains

10
Subdomains

9
IPs

2
Countries

8888 kB
Transfer

10405 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://advantage.mandiant.com/ Page URL
https://auth.fireeye.com/as/authorization.oauth2?audience=&client_id=nautilusui&redirect_uri=https%3A%2F%2Fadvantage.mandiant.com%2Fauth%2Fcallback&code_challenge=Rhx_H_XL4OE2y13ZQiJLkYY04At5FwoWSDC2Lcmtcyg&code_challenge_method=S256&response_type=code&scope=email+openid+profile&state=%7B%22returnTo%22%3A%22%2F%22%7D HTTP 302
https://login.mandiant.com/ping/signin?resumePath=%2Fas%2FQ4NFp%2Fresume%2Fas%2Fauthorization.ping&allowInteraction=true&reauth=false&connectionId=nautilusui&REF=1D137FD9B621758FF272E1BED790F4B15549C10B31EED6B434AE00000002&audience=&scope=email+openid+profile&response_type=code&redirect_uri=https%3A%2F%2Fadvantage.mandiant.com%2Fauth%2Fcallback&code_challenge_method=S256&state=%7B%26quot%3BreturnTo%26quot%3B%3A%26quot%3B%2F%26quot%3B%7D&client_id=nautilusui&code_challenge=Rhx_H_XL4OE2y13ZQiJLkYY04At5FwoWSDC2Lcmtcyg HTTP 302
https://login.mandiant.com/ping/signin HTTP 302
https://login.mandiant.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
advantage.mandiant.com/ 5 KB
2 KB 353ms
317ms Document
text/html 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://advantage.mandiant.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f50368798b3c81dd9f4b283fe16bf2b5e2711ee63c265fb5cee52d10a99fe686

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 23 Feb 2022 08:15:52 GMT
content-type: text/html
last-modified: Fri, 18 Feb 2022 21:20:28 GMT
x-amz-version-id: null
etag: W/"cfa33d155a47bb0a32b4a45afe164eea"
x-cache: Miss from cloudfront
via: 1.1 76fb21fcb70866221c67558e2f776540.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: HwSalZYo0UC3t93cRTIZAbF6zOOp-V9HbHWSVoQX3cJNg4SOUVx4jg==
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e1f023fba7c693a-FRA
content-encoding: gzip

GET
H2 200 styles.css
advantage.mandiant.com/ 1 KB
638 B 287ms
286ms Stylesheet
text/css 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://advantage.mandiant.com/styles.css
Requested by: Host: advantage.mandiant.com
URL: https://advantage.mandiant.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9674bd4b9d9de552fb9432c2dec4b3ad96ec8412bf99901fd9a0dbacc652be70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:52 GMT
via: 1.1 f655cacd0d6f7c5dc935ea687af6f3c0.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
last-modified: Fri, 18 Feb 2022 21:20:28 GMT
server: cloudflare
x-amz-cf-pop: AMS54-C1
etag: W/"2f979fa0fc4e255d2d26a6a710728b95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e1f0241cf06693a-FRA
x-cache: Miss from cloudfront
content-type: text/css
content-encoding: gzip
x-amz-version-id: null
x-amz-cf-id: Pemd05Q3kr_F7YxLlXpxGS2A_HOm1Jc7erCeh0zl1kM2icVWLvhkjQ==

GET
H2 200 runtime.js Show response
mf-packages.mandiant.com/regenerator-runtime/0.13.9/ 24 KB
25 KB 494ms
401ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/regenerator-runtime/0.13.9/runtime.js
Requested by: Host: advantage.mandiant.com
URL: https://advantage.mandiant.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7206cf318a71ac0cd59d710fd6318de5bb647e95a1d6dada870eded122b1f0e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:54 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified: Fri, 10 Sep 2021 18:06:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "61d4e435f5b81f2e452f58d03b45a67e"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 24843
x-amz-cf-id: -Z4bowyDEycA0ZZeL-KQKB5QaXiwItBwj3y8x4vggmd73RM6NbLmYg==

GET
H2 200 single-spa.min.js Show response
mf-packages.mandiant.com/single-spa/5.9.3/lib/system/ 20 KB
21 KB 439ms
418ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/single-spa/5.9.3/lib/system/single-spa.min.js
Requested by: Host: advantage.mandiant.com
URL: https://advantage.mandiant.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 286a8fbf1188c97fb1574a646b6d2af554ac2ea32b071fb2921ca4cd482a5fe6

Request headers

Referer: https://advantage.mandiant.com/
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:54 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Fri, 10 Sep 2021 18:02:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "195bd43792bbfbb7b79fb476194e78da"
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 20569
x-amz-cf-id: bzq18i3eJgQwaODjEv_rMV4lDWWfj03Lrzh5cgAx_8Onj-CST5eXgA==

GET
H2 200 import-map-overrides.js Show response
mf-packages.mandiant.com/import-map-overrides/2.4.1/dist/ 45 KB
45 KB 403ms
403ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/import-map-overrides/2.4.1/dist/import-map-overrides.js
Requested by: Host: advantage.mandiant.com
URL: https://advantage.mandiant.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b770a845bb167e2a9d1af5c68533a1d2205218b7681528946f32774bbe2be01f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:54 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified: Fri, 10 Sep 2021 18:06:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "cca4aeff901040b0a86eb5a76066d087"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 45810
x-amz-cf-id: Sm4Pj7toCpzO1DgJWZW-O5gP2MM9tXRHavGQ8dIBmqfwasJoamM3Vg==

GET
H2 200 system.min.js Show response
mf-packages.mandiant.com/systemjs/6.10.2/dist/ 12 KB
12 KB 403ms
403ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Requested by: Host: advantage.mandiant.com
URL: https://advantage.mandiant.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee350fa0558220e755caed50a34b2cd6ad03cbad49560fdae1c74bfdbd9fec28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:54 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified: Fri, 10 Sep 2021 18:06:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "3557366ac001e5ee39a0abca218c460e"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 11847
x-amz-cf-id: C0wvlZIHvNHF_qnGiJ8Ukk_igkO6revOZ1-5pTvdpsDTohY2OqLzhA==

GET
H2 200 amd.min.js Show response
mf-packages.mandiant.com/systemjs/6.10.2/dist/extras/ 1 KB
1 KB 438ms
437ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/extras/amd.min.js
Requested by: Host: advantage.mandiant.com
URL: https://advantage.mandiant.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57ce0cd41aa45fab79bb1ef35c16617b4d028551a8df8319b7fa8dfdd8978797

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:54 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified: Fri, 10 Sep 2021 18:06:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "e35c70e67398adda611a29cea5be793b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1116
x-amz-cf-id: PnziAEVLQ-TwaPKbpfT5OZ2YIQjUv5cwZzakQH7VcaS1e1gc15w13Q==

GET
H2 200 importmap.json Show response
advantage.mandiant.com/ 3 KB
883 B 264ms
263ms Fetch
application/json 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://advantage.mandiant.com/importmap.json?t=1645219202764
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb01538cec5187f0d95956e2d61f214b760c8505cf32cb88c6c4a8a70b13e649

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:53 GMT
via: 1.1 8a5da1dacdf44356dd0f5d8a61106c9a.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
last-modified: Fri, 18 Feb 2022 21:20:28 GMT
server: cloudflare
x-amz-cf-pop: AMS54-C1
etag: W/"b4e9d8bea36865f62f5ae438f1eaed30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e1f0248ac93693a-FRA
x-cache: Miss from cloudfront
content-type: application/json
content-encoding: gzip
x-amz-version-id: null
x-amz-cf-id: vGvjPNw30H8olhSSHqepmr1J5BVmrBwxmcn3POy-Y-4DurSlvZMjQw==

GET
H2 200 OpenSans-Regular.ttf
advantage.mandiant.com/fonts/opensans/ 95 KB
95 KB 236ms
235ms Font
binary/octet-stream 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://advantage.mandiant.com/fonts/opensans/OpenSans-Regular.ttf
Requested by: Host: advantage.mandiant.com
URL: https://advantage.mandiant.com/styles.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5

Request headers

Referer: https://advantage.mandiant.com/styles.css
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:53 GMT
via: 1.1 b619a16f6f8fe9793bf642d2a8434284.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
content-type: binary/octet-stream
content-length: 96932
last-modified: Fri, 18 Feb 2022 21:20:28 GMT
server: cloudflare
etag: "3ed9575dcc488c3e3a5bd66620bdf5a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
x-amz-version-id: null
access-control-allow-origin: *
cf-ray: 6e1f0248bca7693a-FRA
x-amz-cf-id: O1PYZH7DTjZM-yZ5XxogKNNtW9hVF4POJmpyD-1rCjpSa9lgY0khkA==

GET
H2 200 maui-mf-root-config.js Show response
advantage.mandiant.com/ 4 KB
2 KB 199ms
198ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://advantage.mandiant.com/maui-mf-root-config.js?t=1645219202409
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8b43e505a08e0831cec29c4bb00394c3bd2256d8a106d4a45af93be02278f0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:54 GMT
via: 1.1 697a26790d3ab8292d8546ca9be87bbc.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
last-modified: Fri, 18 Feb 2022 21:20:28 GMT
server: cloudflare
x-amz-cf-pop: AMS54-C1
etag: W/"b41b75472e58e2bf3f02aedcffa62d4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e1f024a5f74693a-FRA
x-cache: Miss from cloudfront
content-type: application/javascript
content-encoding: gzip
x-amz-version-id: null
x-amz-cf-id: Sod9P5hjMT-NY9cP3NhIyT29gtW4r6NFi3xdQME1_4bufSxC298pDg==

GET
H2 200 nautilusjs-eod.js Show response
mf-packages.mandiant.com/@nautilusjs/eod/0.4.1/dist/ 984 KB
986 KB 400ms
400ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/@nautilusjs/eod/0.4.1/dist/nautilusjs-eod.js
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe685a0131825c98778104624b1d4fbbc115f299ac694f3b00e45d69cb764128

Request headers

Referer: https://advantage.mandiant.com/
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:55 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Wed, 02 Feb 2022 16:27:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "d24d9dcb53b2f84af16871c0d9b775fb"
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 1007637
x-amz-cf-id: hWdUg4_MEMbga8Ez6WfR0PdadIdA8qeKFqWs_aVLWgO-YSBSeDcOeA==

GET
H2 200 maui-mf-common-auth.js Show response
mf-packages.mandiant.com/@maui-mf/common-auth/1.0.0/dist/ 38 KB
38 KB 466ms
466ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/@maui-mf/common-auth/1.0.0/dist/maui-mf-common-auth.js
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac5e795ef85ed1a2f77281ce4ed960ed9436e2ceaaf1f8ca4bca28e0c5f7c924

Request headers

Referer: https://advantage.mandiant.com/
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:55 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Tue, 14 Dec 2021 19:43:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "f540818c8c2064cfbb187249e812563c"
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 38843
x-amz-cf-id: kc9D1fmUFbsnwNz4Zyk372e-4obpfigPxM1iQW_L4CtM6bdyHc4cgQ==

GET
H2 200 single-spa-layout.min.js Show response
mf-packages.mandiant.com/single-spa-layout/1.6.0/dist/system/ 16 KB
16 KB 118ms
118ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/single-spa-layout/1.6.0/dist/system/single-spa-layout.min.js
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 833f5a58df4d6a88a3145cc7db04641782301e4a748a0e4d8240ca245c1b53f9

Request headers

Referer: https://advantage.mandiant.com/
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:55 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Fri, 10 Sep 2021 18:02:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "53840461d81702aa115986bf0e4bb86a"
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 16165
x-amz-cf-id: LPNiKpHWppWw7aa0a_5nb9zIutfsqFkeRp3wF_BC3aFvY2dqvtSsfA==

GET
H2 200 maui-mf-app-header.js Show response
mf-packages.mandiant.com/@maui-mf/app-header/1.5.3/dist/ 862 KB
864 KB 116ms
116ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/@maui-mf/app-header/1.5.3/dist/maui-mf-app-header.js
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6de98d6b892995b3f3a123f87bce4aedc4da03009b6071b8336c4ab343b4f8ee

Request headers

Referer: https://advantage.mandiant.com/
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:55 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Fri, 18 Feb 2022 21:18:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "28b0acafd2cc77c54c214c91b2d2cf94"
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 883104
x-amz-cf-id: xS5QeUU2K-b_cxvyBw78r6U9vsDJ7JdaCZCGGN3jZavVTCj6QTAhtg==

GET
H2 200 nautilusjs-app.js Show response
mf-packages.mandiant.com/@nautilusjs/app/1.50.10/dist/ 3 MB
3 MB 473ms
472ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/@nautilusjs/app/1.50.10/dist/nautilusjs-app.js
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 650fe65a026fc7650948af45fb3a478f2fb535cc845ebe8125251b5d39a7ee1c

Request headers

Referer: https://advantage.mandiant.com/
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:56 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Mon, 14 Feb 2022 22:09:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "9a1209bbd78be0a9bd05b49b4b7d3663"
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 3511481
x-amz-cf-id: rZ6EiR58VC8HKfLwj5-Sv9KzzrgfaLE-8dpnfTSsS5tkZefigbsVBw==

GET
H2 200 maui-mf-analytics-datadog-rum.js Show response
mf-packages.mandiant.com/@maui-mf/analytics-datadog-rum/1.0.0/dist/ 60 KB
61 KB 446ms
445ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/@maui-mf/analytics-datadog-rum/1.0.0/dist/maui-mf-analytics-datadog-rum.js
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40d7217c7bad276134f18cdbc68edf1d04058ee47bf54f9a16ac543afeb0ded5

Request headers

Referer: https://advantage.mandiant.com/
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:56 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Tue, 14 Dec 2021 19:41:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "a53e45c61dbbe93017a695c02fe4ab78"
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 61947
x-amz-cf-id: OTXM2oj-H9vZusWUENzewrw0YzeKiPQsTd5z-Bd9YmRxaqjqyZzAOw==

GET
H2 200 maui-mf-analytics-gtm.js Show response
mf-packages.mandiant.com/@maui-mf/analytics-gtm/1.0.0/dist/ 3 KB
3 KB 403ms
402ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/@maui-mf/analytics-gtm/1.0.0/dist/maui-mf-analytics-gtm.js
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c86253677f5c8a4ca074e91a987630e0a06271b68e9f939686a86347b902835f

Request headers

Referer: https://advantage.mandiant.com/
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:56 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-request-id: MRG4ZRSF75CEMTBM
x-cache: Miss from cloudfront
content-length: 2577
x-amz-id-2: KunFyYzgJblLImdsXK1laPl1sdIKQNUZ7AjiAvvQoHwMCXqiJZ/V7nEJvluhWCwF0NB7CWJ44wo=
last-modified: Tue, 14 Dec 2021 19:41:38 GMT
server: AmazonS3
etag: "8b05bb71950be88522a70289e331c484"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: Y1NaGoKnyG4E2o0nB4lklrwLB8cNVgKq4tv6UGJKfAPPYWfSTlv69w==

GET
H2 200 maui-mf-analytics-gainsight.js Show response
mf-packages.mandiant.com/@maui-mf/analytics-gainsight/1.0.0/dist/ 523 B
1 KB 452ms
452ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/@maui-mf/analytics-gainsight/1.0.0/dist/maui-mf-analytics-gainsight.js
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 170cdf9dc32d14b98d3d6017484403f2b52a57d87fef670328623e95eb7f4941

Request headers

Referer: https://advantage.mandiant.com/
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:56 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-request-id: MRG5V84DFEST8V76
x-cache: Miss from cloudfront
content-length: 523
x-amz-id-2: 8M6RW8e5tOh+V9PghdLu894BCArlniKz/8ixke1bfYsnM6vRlQ1sk/Yrp13imtYSMQNZce2wK8Q=
last-modified: Tue, 14 Dec 2021 19:41:40 GMT
server: AmazonS3
etag: "af05a673194913196720b076a56e5606"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: UTenXqYgxsGE__M1fTJAAb_kgqgQ0Ua1tS-POh68Ag_03jl-66RGrw==

GET
H2 200 react.production.min.js Show response
mf-packages.mandiant.com/react/17.0.2/umd/ 11 KB
12 KB 399ms
397ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/react/17.0.2/umd/react.production.min.js
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 229bbf4d0e7488209564152c6723497f1ac3934136ca1684233d2fa88fa4146f

Request headers

Referer: https://advantage.mandiant.com/
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:56 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-request-id: MRGD4FFFW9S9VNWT
x-cache: Miss from cloudfront
content-length: 11440
x-amz-id-2: lu2dIeaPl+Pi+pEqz8VNrEGrl6Ddzyv7C0L/tLJeucbnfEylAJfc2fahm2/kElfC67jEliCi3VA=
last-modified: Fri, 10 Sep 2021 18:02:30 GMT
server: AmazonS3
etag: "61699b70cf57abe63fdf5f4007d36ec1"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: eNvD02swAvzF6_p4yYUe_nNUu1r9dNyeWlb6hkKUywkxodpnZJnGmA==

GET
H2 200 react-dom.production.min.js Show response
mf-packages.mandiant.com/react-dom/17.0.2/umd/ 118 KB
118 KB 390ms
388ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/react-dom/17.0.2/umd/react-dom.production.min.js
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9db33292007ab6c38527b39d5663e976a305564e19b2a5a8713ea2b2c00f505d

Request headers

Referer: https://advantage.mandiant.com/
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:56 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-request-id: MRGENRMXTFWWJ2HK
x-cache: Miss from cloudfront
content-length: 120585
x-amz-id-2: J/e+VGNQBzWlhxnpYD10cxXxcHS6hA+OinhI9Sfyhudbx1N0RsAT7f8DTA5VDMO0KzsaYs4FBaM=
last-modified: Fri, 10 Sep 2021 18:02:27 GMT
server: AmazonS3
etag: "23bfe7e99565ee8f34afd63c06f4c24b"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: d5kMgs6ffpMiOiIyLIPRntahriH0YYWToYJqXbGYV9CAPuaw9o9J0g==

GET
H2 200 maui-mf-common-env.js Show response
mf-packages.mandiant.com/@maui-mf/common-env/1.0.0/dist/ 117 B
668 B 407ms
406ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/@maui-mf/common-env/1.0.0/dist/maui-mf-common-env.js
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b41d8fc785e8fa02fe828fb9a493b1a757f48cc99fc960a006eee65ad9b340b

Request headers

Referer: https://advantage.mandiant.com/
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:56 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-request-id: MRG6TYQ0EY7581CE
x-cache: Miss from cloudfront
content-length: 117
x-amz-id-2: 02qG3ww7AnDEyIvg0NFaPJq/QhqoC3Va8k7He7gPe8yq+AbsTUnlhe+gNYj5+ZzixQ9ffnpdWJo=
last-modified: Tue, 14 Dec 2021 19:43:11 GMT
server: AmazonS3
etag: "700eca66f0c082bd940388d2f8a3618e"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: lkxhCTZfXkZ3EVPFxDf14sfB9_nVfZ3rQJtda2ZZFUZ0sHV36JMHLA==

GET
H2 200 maui-libraries-emotion.js Show response
mf-packages.mandiant.com/@maui/libraries-emotion/1.1.0/dist/ 28 KB
29 KB 418ms
418ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/@maui/libraries-emotion/1.1.0/dist/maui-libraries-emotion.js
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f17bd19b227770c876a931b1fd37cb370b940c68290767714ebe70832ce4a79f

Request headers

Referer: https://advantage.mandiant.com/
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:56 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-request-id: MRG0PMF80MVSX11X
x-cache: Miss from cloudfront
content-length: 28710
x-amz-id-2: Gj4wy58juEQcAK36QjaOczsTMDlksJVxMjb3kKQKJfiPbCeVIfChDyams6CB/YNrHfNXbRZcBPE=
last-modified: Fri, 14 Jan 2022 17:45:03 GMT
server: AmazonS3
etag: "4a9432588cd06d280f7acf43c02f2131"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: af_TaVwNiVGfcsuaGnKKLa5U-Cc_U5NdjxiCFAc6WcSObobgh7W2WQ==

GET
H2 200 maui-libraries-styled-system.js Show response
mf-packages.mandiant.com/@maui/libraries-styled-system/1.0.1/dist/ 13 KB
14 KB 384ms
383ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/@maui/libraries-styled-system/1.0.1/dist/maui-libraries-styled-system.js
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cbda88f36212a4d7a5a185cb0a603baab1b1d619094d6780636af36b65719210

Request headers

Referer: https://advantage.mandiant.com/
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:56 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-request-id: MRG8J7MENXF5RCVH
x-cache: Miss from cloudfront
content-length: 13445
x-amz-id-2: +b6lR/h8htxSp77uBRFAURUuoWX13nTJHLNp5VbGN5BIixwA59Aw+4pYXWXnB1sGApGk0aiF0YY=
last-modified: Fri, 14 Jan 2022 17:45:07 GMT
server: AmazonS3
etag: "49770e50fc3e145f7abf9d5ecd61399b"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: BkcQUFyw1Yjgd7YcqG3GbCrBFhl0b4q82WSo7v0CLlVJjE4fU9GJsA==

GET
H2 200 maui-libraries-reakit.js Show response
mf-packages.mandiant.com/@maui/libraries-reakit/1.0.1/dist/ 125 KB
126 KB 397ms
397ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/@maui/libraries-reakit/1.0.1/dist/maui-libraries-reakit.js
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13cf2b4548fb30f8ed00794494849478eee2f71cc0303b167460cca9d146814b

Request headers

Referer: https://advantage.mandiant.com/
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:56 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-request-id: MRG7F5QP9RGNQW52
x-cache: Miss from cloudfront
content-length: 128029
x-amz-id-2: pnzdxnfUyKPcB8gwYipiWDSIJB+JPActJ11NdeuhonA/hP5HaxVAUlsq5jop+PtxMk2RtdJd6OM=
last-modified: Fri, 14 Jan 2022 17:45:05 GMT
server: AmazonS3
etag: "426f3b0b53d5d288177dd28992226bea"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: xFNvcHU6lqkQDsgEkgnyY4bLJh1fHKDqCBFMAoW6AH3I6AiQJimRhg==

GET
H2 200 maui-mf-common-react.js Show response
mf-packages.mandiant.com/@maui-mf/common-react/1.0.0/dist/ 19 KB
19 KB 111ms
111ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/@maui-mf/common-react/1.0.0/dist/maui-mf-common-react.js
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8947b20fbda9e346ac24265d0176335b5d920bccb006006a764fe05e96940b2f

Request headers

Referer: https://advantage.mandiant.com/
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:56 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-request-id: MRG98K12E5ANNSEK
x-cache: Miss from cloudfront
content-length: 19003
x-amz-id-2: hgT9Mvww5L+0VOJ6b2lpw1CH1uPn56Qic1RrQFAMcECuRgXezlk074xgyln7lZL9QxZ8og/E5j8=
last-modified: Tue, 14 Dec 2021 19:43:07 GMT
server: AmazonS3
etag: "94395abe0e66cca933b3878c1fa71c4c"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: MPYv69sPOMCSpHQcDJ3aIK5q7LUo3Rp8DOHriijQOWrRlR7JEFrOUA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 346 KB
93 KB 220ms
119ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: advantage.mandiant.com
URL: https://advantage.mandiant.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d71781c84bb060f63094ef0e9536cfc8473b6820ebe1bcf6c655f4f5fde5ae05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94817
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Feb 2022 08:15:55 GMT

GET
H2 200 aptrinsic.js Show response
px-sdk.mandiant.com/api/ 1 MB
383 KB 202ms
189ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://px-sdk.mandiant.com/api/aptrinsic.js?a=AP-GLIY23EWD6MP-2-1
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/@maui-mf/analytics-gainsight/1.0.0/dist/maui-mf-analytics-gainsight.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d30d18d3a7060d79411cf133b26e1498e92f869a04165aed0fc8629a0299a3f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Wed, 23 Feb 2022 08:15:55 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 22 Feb 2022 17:05:17 GMT
server: cloudflare
etag: W/"621517cd-11c565"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: public, max-age=3600
cf-ray: 6e1f0252aeb1693a-FRA
expires: Wed, 23 Feb 2022 09:15:55 GMT

GET
H/1.1 200
OK AP-GLIY23EWD6MP-2-1 Show response
px-esp.mandiant.com/rte/v1/configuration/ 6 KB
6 KB 485ms
116ms XHR
application/json 35.224.119.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://px-esp.mandiant.com/rte/v1/configuration/AP-GLIY23EWD6MP-2-1
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/@maui-mf/analytics-datadog-rum/1.0.0/dist/maui-mf-analytics-datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.224.119.111 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.119.224.35.bc.googleusercontent.com
Software: /
Resource Hash: 3ba93e8907103d54675849231672deb8846b20957e130139fa30021a689b99ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 23 Feb 2022 08:15:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Origin
X-Application-Context: application:prod
Content-Type: application/json;charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 102ms
102ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7dd83305b08ffee1233c0ecc66a38fb7d333d396086b66b0faa2cdbb8af2ef02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65110
x-xss-protection: 0
expires: Wed, 23 Feb 2022 08:15:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 216ms
52ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 663
date: Wed, 23 Feb 2022 08:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 23 Feb 2022 10:04:52 GMT

GET
H2 200 mandiant-mfe-dashboards.js Show response
mf-packages.mandiant.com/@mandiant-mfe/dashboards/0.4.4/dist/ 337 KB
338 KB 405ms
405ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/@mandiant-mfe/dashboards/0.4.4/dist/mandiant-mfe-dashboards.js
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12222adc689853efd89db7e7c1af0a5e4bc8f8e1bf2d51edc780c6bb178ba023

Request headers

Referer: https://advantage.mandiant.com/
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:57 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-request-id: 0JAGMWCGAZ19ZHC0
x-cache: Miss from cloudfront
content-length: 345210
x-amz-id-2: NNpNGqxRjOeRHYvq7V3VnhRducDCRwKu9t/rRhNm0Dbv/KH0Cp8EqU/tnqHMCVBq09OKaIlya56YG3WYaTUyaw==
last-modified: Fri, 14 Jan 2022 17:44:32 GMT
server: AmazonS3
etag: "50eb4d42aade024e406aa1976cf0e0d2"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: 9nxS4RrhM9xXw1k48P4c7LzdMfTJ2HYFt5cA6UcCLOZEqocNTQJxpg==

GET
H2 200 index.js Show response
mf-packages.mandiant.com/@nautilusjs/component-amcharts/0.3.2/dist/system/ 528 B
1 KB 428ms
427ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/@nautilusjs/component-amcharts/0.3.2/dist/system/index.js
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ace01711c76816754c3eee2fbc94866cc533ed497088f15b1834e61171972b04

Request headers

Referer: https://advantage.mandiant.com/
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:57 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-request-id: 0JAYEH4NZF7W8ARC
x-cache: Miss from cloudfront
content-length: 528
x-amz-id-2: 6qSfcN8b6P1bPGTcYriI02yWAaCP2i7ZGyVWCxycB1Cd1ADpRANEJ4wrUkDBjugTscdYL7/iwSCr3QicYVssTA==
last-modified: Tue, 12 Oct 2021 15:46:12 GMT
server: AmazonS3
etag: "9b96dd8fb243e6e40e43b59a5220cbbf"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: 9xDZI-ALXYeneQxL-dwY9yhYSDUpJi2SOJvm8TScWB-YPohl7MWaHg==

GET
H2 200 nautilusjs-component-keylines.js Show response
mf-packages.mandiant.com/@nautilusjs/component-keylines/0.1.15/dist/ 557 KB
558 KB 406ms
406ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/@nautilusjs/component-keylines/0.1.15/dist/nautilusjs-component-keylines.js
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9787ae9e864853f5fe0b383595b33b307ce6bb8ea5a2a9b0dbfe2a5168bf494e

Request headers

Referer: https://advantage.mandiant.com/
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:57 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-request-id: 0JAGNMD8643EXCSX
x-cache: Miss from cloudfront
content-length: 570211
x-amz-id-2: X5OBVq4D86HYxh9sm8juGZ2Oa6klfprYx+60OiZIgbusMXhXCSzN+1ffsTj7y3/yeqgQcigK7Mw1rUGamHdjBA==
last-modified: Fri, 10 Sep 2021 18:05:39 GMT
server: AmazonS3
etag: "985674c0b9c9747d67c915580637f3fa"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: xRtoSGXR0oLubOJZ8Cj2b5Ys-A9_Qxd8KGt4uahsbKS0NH1msqoncg==

GET
H2 200 style.css
web-sdk.aptrinsic.com/ 62 KB
12 KB 159ms
116ms Stylesheet
text/css 35.190.35.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://web-sdk.aptrinsic.com/style.css?a=AP-GLIY23EWD6MP-2-1
Requested by: Host: px-sdk.mandiant.com
URL: https://px-sdk.mandiant.com/api/aptrinsic.js?a=AP-GLIY23EWD6MP-2-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.35.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.35.190.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cd0992c3742ec06160e65b0bf5cfe3ce6eb3a2ca06a8fda6620ab23a48a710de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Wed, 23 Feb 2022 08:15:56 GMT
via: 1.1 google
last-modified: Wed, 09 Feb 2022 10:36:39 GMT
server: nginx
age: 0
etag: W/"62039937-f8c3"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cache-control: max-age=300,public
content-encoding: gzip
alt-svc: clear
content-length: 11913
expires: Wed, 23 Feb 2022 08:20:56 GMT

GET
H/1.1 200
OK command Show response
px-esp.mandiant.com/rte/v1/ 77 B
354 B 114ms
114ms XHR
application/json 35.224.119.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://px-esp.mandiant.com/rte/v1/command?p=AP-GLIY23EWD6MP-2-1&sv=0.43.0&v=AP-GLIY23EWD6MP-2-1-1645604156192-44866681&ai=AP-GLIY23EWD6MP-2-1-1645604156192-44866681&vt=0&s=AP-GLIY23EWD6MP-2-1-1645604156193-48864357&et=sessionInitialized&rf=null&sc=https%3A%2F%2F&ho=advantage.mandiant.com&pa=%2F&q&ha&sch=1200&scw=1600&pt=Mandiant%20Advantage&ep=%7B%7D&cb=1645604156195-8986
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/@maui-mf/analytics-datadog-rum/1.0.0/dist/maui-mf-analytics-datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.224.119.111 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.119.224.35.bc.googleusercontent.com
Software: /
Resource Hash: 1b10f9f87068b5dbfa271e96897218c24cf2d5d7e8362e2f254dc772ed99e4b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 08:15:56 GMT
Vary: Origin
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
X-Application-Context: application:prod

GET
H/1.1 200
OK client Show response
px-esp.mandiant.com/rte/api/v1/feature/ 438 B
691 B 228ms
114ms XHR
application/json 35.224.119.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://px-esp.mandiant.com/rte/api/v1/feature/client?p=AP-GLIY23EWD6MP-2-1&sv=0.43.0&v=AP-GLIY23EWD6MP-2-1-1645604156192-44866681&ai=AP-GLIY23EWD6MP-2-1-1645604156192-44866681&vt=0&s=AP-GLIY23EWD6MP-2-1-1645604156193-48864357&wsv=0.43.0&cb=1645604156196-2755
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/@maui-mf/analytics-datadog-rum/1.0.0/dist/maui-mf-analytics-datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.224.119.111 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.119.224.35.bc.googleusercontent.com
Software: /
Resource Hash: 1c062a0da8b8cd34a8e0993e72d818acb6a204b9214f9bfc038c0e9391a1222d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 23 Feb 2022 08:15:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Origin
X-Application-Context: application:prod
Content-Type: application/json;charset=utf-8

GET
H/1.1 200
OK command Show response
px-esp.mandiant.com/rte/v1/ 77 B
354 B 344ms
120ms XHR
application/json 35.224.119.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://px-esp.mandiant.com/rte/v1/command?p=AP-GLIY23EWD6MP-2-1&sv=0.43.0&v=AP-GLIY23EWD6MP-2-1-1645604156192-44866681&ai=AP-GLIY23EWD6MP-2-1-1645604156192-44866681&vt=0&s=AP-GLIY23EWD6MP-2-1-1645604156193-48864357&et=pageview&rf=null&sc=https%3A%2F%2F&ho=advantage.mandiant.com&pa=%2F&q&ha&sch=1200&scw=1600&pt=Mandiant%20Advantage&ep=%7B%7D&cb=1645604156197-3575
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/@maui-mf/analytics-datadog-rum/1.0.0/dist/maui-mf-analytics-datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.224.119.111 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.119.224.35.bc.googleusercontent.com
Software: /
Resource Hash: 1b10f9f87068b5dbfa271e96897218c24cf2d5d7e8362e2f254dc772ed99e4b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 08:15:56 GMT
Vary: Origin
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
X-Application-Context: application:prod

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 113ms
59ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-X6642ZTDJ7&gtm=2oe2g0&_p=1193743690&sr=1600x1200&gcs=G100&ul=en-us&cid=1960483540.1645604156&_s=1&dl=https%3A%2F%2Fadvantage.mandiant.com%2F&dt=Mandiant%20Advantage&sid=1645604155&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 08:15:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://advantage.mandiant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 101ms
49ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1193743690&t=pageview&_s=1&dl=https%3A%2F%2Fadvantage.mandiant.com%2F&ul=en-us&de=UTF-8&dt=Mandiant%20Advantage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGAAgAABE~&cid=1960483540.1645604156&tid=UA-203244293-1&_gid=380081496.1645604156&gtm=2wg2g0T72STLD&cg1=null&cg2=&cd2=Pageview&cd3=1645604155728.ftr1wm7i&cd4=2022-02-23T08%3A15%3A55.728%2B00%3A00&cd5=&cd15=null&cd16=null&gcs=G100&cd1=1960483540.1645604156&z=1912448285

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 20:09:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43603
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 101ms
49ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1193743690&t=event&ni=1&_s=1&dl=https%3A%2F%2Fadvantage.mandiant.com%2F&ul=en-us&de=UTF-8&dt=Mandiant%20Advantage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=page%20scroll&ea=25%25&el=%2F&_u=aGgAgAABE~&cid=1960483540.1645604156&tid=UA-203244293-1&_gid=1681181809.1645604156&gtm=2wg2g0T72STLD&cg1=null&cg2=&cd2=Event&cd3=1645604155752.xcwffe6a&cd4=2022-02-23T08%3A15%3A55.753%2B00%3A00&cd5=&cd15=null&cd16=null&gcs=G100&cd1=1960483540.1645604156&z=1709254770

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 20:09:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43603
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 99ms
47ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1193743690&t=event&ni=1&_s=1&dl=https%3A%2F%2Fadvantage.mandiant.com%2F&ul=en-us&de=UTF-8&dt=Mandiant%20Advantage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=page%20scroll&ea=50%25&el=%2F&_u=aGgAgAABE~&cid=1960483540.1645604156&tid=UA-203244293-1&_gid=1524927721.1645604156&gtm=2wg2g0T72STLD&cg1=null&cg2=&cd2=Event&cd3=1645604155754.4qm3wulh&cd4=2022-02-23T08%3A15%3A55.754%2B00%3A00&cd5=&cd15=null&cd16=null&gcs=G100&cd1=1960483540.1645604156&z=1361807251

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 20:09:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43603
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 100ms
49ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1193743690&t=event&ni=1&_s=1&dl=https%3A%2F%2Fadvantage.mandiant.com%2F&ul=en-us&de=UTF-8&dt=Mandiant%20Advantage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=page%20scroll&ea=75%25&el=%2F&_u=aGgAgAABE~&cid=1960483540.1645604156&tid=UA-203244293-1&_gid=91734904.1645604156&gtm=2wg2g0T72STLD&cg1=null&cg2=&cd2=Event&cd3=1645604155755.256djfjn&cd4=2022-02-23T08%3A15%3A55.755%2B00%3A00&cd5=&cd15=null&cd16=null&gcs=G100&cd1=1960483540.1645604156&z=316457512

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 20:09:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43603
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 100ms
49ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1193743690&t=event&ni=1&_s=1&dl=https%3A%2F%2Fadvantage.mandiant.com%2F&ul=en-us&de=UTF-8&dt=Mandiant%20Advantage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=page%20scroll&ea=100%25&el=%2F&_u=aGgAgAABE~&cid=1960483540.1645604156&tid=UA-203244293-1&_gid=323219862.1645604156&gtm=2wg2g0T72STLD&cg1=null&cg2=&cd2=Event&cd3=1645604155756.cgbfiy8a&cd4=2022-02-23T08%3A15%3A55.756%2B00%3A00&cd5=&cd15=null&cd16=null&gcs=G100&cd1=1960483540.1645604156&z=240317510

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 20:09:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43603
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pub740828818d18fd181c02f10c642611c3
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
126 B 471ms
221ms Ping
application/json 2600:1f18:24e6:b900:a59b:777e:81ed:2bd8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub740828818d18fd181c02f10c642611c3?_dd.application_id=aafde5b0-462c-471a-9493-09e0ed88ac5f&ddsource=browser&ddtags=sdk_version:1.26.3&batch_time=1645604156425
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/@maui-mf/analytics-datadog-rum/1.0.0/dist/maui-mf-analytics-datadog-rum.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:a59b:777e:81ed:2bd8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://advantage.mandiant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 23 Feb 2022 08:15:56 GMT
cross-origin-resource-policy: cross-origin
content-length: 2
content-type: application/json

GET
H2 200 index-9d2228da.js Show response
mf-packages.mandiant.com/@nautilusjs/component-amcharts/0.3.2/dist/system/ 1 MB
1 MB 113ms
113ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/@nautilusjs/component-amcharts/0.3.2/dist/system/index-9d2228da.js
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b05a718dd4613ab0ba994b9b66609497b4baff74d1e04aea179e4786581bec64

Request headers

Referer: https://advantage.mandiant.com/
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:57 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-request-id: 0JAJNK5X4GCGZCW3
x-cache: Miss from cloudfront
content-length: 1138677
x-amz-id-2: 7rn+r3N56BD86svE57xgmXwTt5OZ2vVjVgNG/bUzjul8ew8KgKv+bhYJtiDg22kgMPGgnVTBVCMzZaZEDb8T9w==
last-modified: Tue, 12 Oct 2021 15:46:12 GMT
server: AmazonS3
etag: "72f31d7d548933b9799d83a44f131e38"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: p5EQs4rNzNIaJlk12vjwWAiHsrjoATwz6Z5pmfk2BGEtYVVMbOUklA==

GET
H/1.1 204
No Content inapp Show response
px-esp.mandiant.com/rte/v1/ 0
240 B 116ms
115ms XHR
application/octet-stream 35.224.119.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://px-esp.mandiant.com/rte/v1/inapp?p=AP-GLIY23EWD6MP-2-1&sv=0.43.0&v=AP-GLIY23EWD6MP-2-1-1645604156192-44866681&ai=AP-GLIY23EWD6MP-2-1-1645604156192-44866681&vt=0&s=AP-GLIY23EWD6MP-2-1-1645604156193-48864357&u=advantage.mandiant.com%2F&gcx=%7B%7D&cb=1645604156949-8138
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/@maui-mf/analytics-datadog-rum/1.0.0/dist/maui-mf-analytics-datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.224.119.111 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.119.224.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 23 Feb 2022 08:15:57 GMT
Cache-Control: no-cache
Connection: keep-alive
Vary: Origin
X-Application-Context: application:prod
Content-Type: application/octet-stream

GET
H/1.1 200
OK command Show response
px-esp.mandiant.com/rte/v1/ 77 B
354 B 116ms
116ms XHR
application/json 35.224.119.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://px-esp.mandiant.com/rte/v1/command?p=AP-GLIY23EWD6MP-2-1&sv=0.43.0&v=AP-GLIY23EWD6MP-2-1-1645604156192-44866681&ai=AP-GLIY23EWD6MP-2-1-1645604156192-44866681&vt=0&s=AP-GLIY23EWD6MP-2-1-1645604156193-48864357&et=pageview&rf=null&sc=https%3A%2F%2F&ho=advantage.mandiant.com&pa=%2Fauth%2Flogin&q=%3FreturnTo%3D%2F&ha&sch=1200&scw=1600&pt=Mandiant%20Advantage&ep=%7B%7D&cb=1645604157919-1145
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/@maui-mf/analytics-datadog-rum/1.0.0/dist/maui-mf-analytics-datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.224.119.111 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.119.224.35.bc.googleusercontent.com
Software: /
Resource Hash: 1b10f9f87068b5dbfa271e96897218c24cf2d5d7e8362e2f254dc772ed99e4b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 08:15:57 GMT
Vary: Origin
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
X-Application-Context: application:prod

GET
H2 200 maui-mf-app-auth.js Show response
mf-packages.mandiant.com/@maui-mf/app-auth/1.0.2/dist/ 43 KB
44 KB 109ms
109ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/@maui-mf/app-auth/1.0.2/dist/maui-mf-app-auth.js
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/systemjs/6.10.2/dist/system.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ce11227c43c875ad3069fc4332d91d00f2ec015218ea2e8486df66ce8d7d637

Request headers

Referer: https://advantage.mandiant.com/
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:58 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-request-id: B0Y1PF499GXSHS0A
x-cache: Miss from cloudfront
content-length: 44178
x-amz-id-2: BZoBgSEwM5qBfl5A6Ywks2kzDGoxaiCPB6/8ZobyjLgU4/ycoXCJLhA7pihP6a2/p4Gg1uaIsvraP2c8ohbjvw==
last-modified: Fri, 14 Jan 2022 17:44:55 GMT
server: AmazonS3
etag: "1bf59a612f5ed68c16e3b5cc14038fd7"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: rF9RljflVAzeI-TO4xSri0ZXe_B6KhpsqqJsS2Fft7e48m3iI9Lwcg==

GET
H2 200 vendors-node_modules_babel_runtime_helpers_esm_extends_js-node_modules_babel_runtime_helpers_-6e3808.maui-mf-app-auth.js Show response
mf-packages.mandiant.com/@maui-mf/app-auth/1.0.2/dist/ 12 KB
13 KB 385ms
385ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/@maui-mf/app-auth/1.0.2/dist/vendors-node_modules_babel_runtime_helpers_esm_extends_js-node_modules_babel_runtime_helpers_-6e3808.maui-mf-app-auth.js
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/@maui-mf/app-auth/1.0.2/dist/maui-mf-app-auth.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cd549ab448dcb61670d11856919c843c0ab510c6a29dd0ae62a66bbf885264c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:59 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jan 2022 17:44:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "efa0c8ce5a60a64dcfa208ad3f9f757f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 12560
x-amz-cf-id: _lLNLLK8dBsWIUQylBCKHlwBPxviOLg-ZXYFr6NXbiedMJNLTbK7Bw==

GET
H2 200 src_routes_Signin_js.maui-mf-app-auth.js Show response
mf-packages.mandiant.com/@maui-mf/app-auth/1.0.2/dist/ 3 KB
3 KB 393ms
393ms Script
application/javascript 2600:9000:214f:6400:d:5b57:f7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mf-packages.mandiant.com/@maui-mf/app-auth/1.0.2/dist/src_routes_Signin_js.maui-mf-app-auth.js
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/@maui-mf/app-auth/1.0.2/dist/maui-mf-app-auth.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6400:d:5b57:f7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3302a3a731f570aaa2b07e6a476d36430c9a241a3d68ed12a596743db02389ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:59 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jan 2022 17:44:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "03f388d3afcc88be7bb1bebb490fa541"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2851
x-amz-cf-id: QVybcxlvNgSWAbvPyL9lVqp7jtAeS0WgdEVl4zo6vvoaASUGnVXgLQ==

GET
H2 200 OpenSans-Regular.ttf
advantage.mandiant.com/fonts/opensans/ 95 KB
95 KB 282ms
282ms Font
binary/octet-stream 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://advantage.mandiant.com/fonts/opensans/OpenSans-Regular.ttf
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://advantage.mandiant.com/
Origin: https://advantage.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:15:58 GMT
via: 1.1 f655cacd0d6f7c5dc935ea687af6f3c0.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
content-type: binary/octet-stream
content-length: 96932
last-modified: Fri, 18 Feb 2022 21:20:28 GMT
server: cloudflare
etag: "3ed9575dcc488c3e3a5bd66620bdf5a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, PUT, POST, DELETE
x-amz-version-id: null
access-control-allow-origin: *
cf-ray: 6e1f02665da8693a-FRA
x-amz-cf-id: BQ6xoTpO5nLU3eL2YlVBKP360y8RV1EdZwfsrhi1iVNazq6si7P62Q==

GET
H2 200 openid-configuration Show response
auth.fireeye.com/.well-known/ 3 KB
1 KB 445ms
414ms Fetch
application/json 2606:4700:300b::a29f:f67d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.fireeye.com/.well-known/openid-configuration

Requested by

Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/@maui-mf/analytics-datadog-rum/1.0.0/dist/maui-mf-analytics-datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f67d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c30839f534ca548df1a97a0844ee4c6294e894b8cbe725e891ee9c569e1665f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 08:15:58 GMT
content-encoding: gzip
referrer-policy: origin
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json;charset=utf-8
access-control-allow-origin: https://advantage.mandiant.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6e1f026689309034-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content inapp Show response
px-esp.mandiant.com/rte/v1/ 0
240 B 114ms
114ms XHR
application/octet-stream 35.224.119.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://px-esp.mandiant.com/rte/v1/inapp?p=AP-GLIY23EWD6MP-2-1&sv=0.43.0&v=AP-GLIY23EWD6MP-2-1-1645604156192-44866681&ai=AP-GLIY23EWD6MP-2-1-1645604156192-44866681&vt=0&s=AP-GLIY23EWD6MP-2-1-1645604156193-48864357&u=advantage.mandiant.com%2Fauth%2Flogin%3FreturnTo%3D%252F&gcx=%7B%7D&cb=1645604158673-8835
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/@maui-mf/analytics-datadog-rum/1.0.0/dist/maui-mf-analytics-datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.224.119.111 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.119.224.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 23 Feb 2022 08:15:58 GMT
Cache-Control: no-cache
Connection: keep-alive
Vary: Origin
X-Application-Context: application:prod
Content-Type: application/octet-stream

POST
H2 200 pub740828818d18fd181c02f10c642611c3
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
125 B 203ms
202ms Ping
application/json 2600:1f18:24e6:b900:a59b:777e:81ed:2bd8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub740828818d18fd181c02f10c642611c3?_dd.application_id=aafde5b0-462c-471a-9493-09e0ed88ac5f&ddsource=browser&ddtags=sdk_version:1.26.3&batch_time=1645604158900
Requested by: Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/@maui-mf/analytics-datadog-rum/1.0.0/dist/maui-mf-analytics-datadog-rum.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:a59b:777e:81ed:2bd8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://advantage.mandiant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 23 Feb 2022 08:15:59 GMT
cross-origin-resource-policy: cross-origin
content-length: 2
content-type: application/json

GET
H2

200

Primary Request / Show response
login.mandiant.com/
Redirect Chain

https://auth.fireeye.com/as/authorization.oauth2?audience=&client_id=nautilusui&redirect_uri=https%3A%2F%2Fadvantage.mandiant.com%2Fauth%2Fcallback&code_challenge=Rhx_H_XL4OE2y13ZQiJLkYY04At5FwoWSD...
https://login.mandiant.com/ping/signin?resumePath=%2Fas%2FQ4NFp%2Fresume%2Fas%2Fauthorization.ping&allowInteraction=true&reauth=false&connectionId=nautilusui&REF=1D137FD9B621758FF272E1BED790F4B1554...
https://login.mandiant.com/ping/signin
https://login.mandiant.com/

4 KB
1 KB

439ms
439ms

Document
text/html

2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.mandiant.com/

Requested by

Host: mf-packages.mandiant.com
URL: https://mf-packages.mandiant.com/@maui-mf/common-auth/1.0.0/dist/maui-mf-common-auth.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a97ef3f0545bfb3c9e87af61a1fba67f41f2deb00dc95c26d437dace5809d5a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://advantage.mandiant.com/

Response headers

date: Wed, 23 Feb 2022 08:16:00 GMT
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache
strict-transport-security: max-age=16070400; includeSubDomains
x-frame-options: DENY
content-encoding: gzip
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e1f02726d81693a-FRA

Redirect headers

date: Wed, 23 Feb 2022 08:16:00 GMT
content-type: text/html; charset=utf-8
location: https://login.mandiant.com/
cache-control: no-store, no-cache
strict-transport-security: max-age=16070400; includeSubDomains
x-frame-options: DENY
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e1f026e8de9693a-FRA

POST collect
www.google-analytics.com/g/ 0
0

POST pub740828818d18fd181c02f10c642611c3
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0

GET
H2 200 fonts.css
login.mandiant.com/stylesheets/ 386 B
241 B 29ms
27ms Stylesheet
text/css 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.mandiant.com/stylesheets/fonts.css

Requested by

Host: login.mandiant.com
URL: https://login.mandiant.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac737670e4c4fd04d8472526f0e8cd83c9ce0b0dfbe0ba0276630c19e917e165

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:16:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 17:48:39 GMT
server: cloudflare
age: 3616
x-frame-options: DENY
etag: W/"620e8a77-182"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
strict-transport-security: max-age=16070400; includeSubDomains
cf-ray: 6e1f02754b0c693a-FRA
expires: Wed, 23 Feb 2022 09:16:00 GMT

GET
H2 200 tokens.css
login.mandiant.com/stylesheets/ 4 KB
893 B 29ms
27ms Stylesheet
text/css 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.mandiant.com/stylesheets/tokens.css

Requested by

Host: login.mandiant.com
URL: https://login.mandiant.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2e82b1afb1aff1a5d9a7530b3309367b4bb294f3f588eeff7d44e606a405d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:16:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 17:48:39 GMT
server: cloudflare
age: 3616
x-frame-options: DENY
etag: W/"620e8a77-ea1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
strict-transport-security: max-age=16070400; includeSubDomains
cf-ray: 6e1f02754b0f693a-FRA
expires: Wed, 23 Feb 2022 09:16:00 GMT

GET
H2 200 bootstrap.css
login.mandiant.com/stylesheets/ 98 KB
14 KB 39ms
37ms Stylesheet
text/css 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.mandiant.com/stylesheets/bootstrap.css

Requested by

Host: login.mandiant.com
URL: https://login.mandiant.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82414bb189b74364d7ada8a4a5a8bfcd473e6818268fd927fbbfe33256492b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:16:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 17:48:39 GMT
server: cloudflare
age: 3616
x-frame-options: DENY
etag: W/"620e8a77-18666"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
strict-transport-security: max-age=16070400; includeSubDomains
cf-ray: 6e1f02754b13693a-FRA
expires: Wed, 23 Feb 2022 09:16:00 GMT

GET
H2 200 DT_bootstrap.css
login.mandiant.com/stylesheets/ 1 KB
416 B 28ms
27ms Stylesheet
text/css 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.mandiant.com/stylesheets/DT_bootstrap.css

Requested by

Host: login.mandiant.com
URL: https://login.mandiant.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34f6c2eb07379c39956b895dbe1646351798653782833577a23fed0ebb1ee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:16:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 17:48:39 GMT
server: cloudflare
age: 3616
x-frame-options: DENY
etag: W/"620e8a77-48d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
strict-transport-security: max-age=16070400; includeSubDomains
cf-ray: 6e1f02754b15693a-FRA
expires: Wed, 23 Feb 2022 09:16:00 GMT

GET
H2 200 chosen.css
login.mandiant.com/chosen/ 12 KB
2 KB 37ms
36ms Stylesheet
text/css 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.mandiant.com/chosen/chosen.css

Requested by

Host: login.mandiant.com
URL: https://login.mandiant.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0b8c9bab2c9a1ad63707691c0c0e75f6110f15a60a543054ffe22f9312d2f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:16:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 17:48:39 GMT
server: cloudflare
age: 3616
x-frame-options: DENY
etag: W/"620e8a77-2f9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
strict-transport-security: max-age=16070400; includeSubDomains
cf-ray: 6e1f02754b1b693a-FRA
expires: Wed, 23 Feb 2022 09:16:00 GMT

GET
H2 200 sso.css
login.mandiant.com/stylesheets/ 22 KB
5 KB 29ms
27ms Stylesheet
text/css 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.mandiant.com/stylesheets/sso.css

Requested by

Host: login.mandiant.com
URL: https://login.mandiant.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a48c252662cc35474233f9a616fc4fae61b6b67475a43a44b2d48c0944eb7e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:16:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 17:48:39 GMT
server: cloudflare
age: 3616
x-frame-options: DENY
etag: W/"620e8a77-5678"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
strict-transport-security: max-age=16070400; includeSubDomains
cf-ray: 6e1f02754b1e693a-FRA
expires: Wed, 23 Feb 2022 09:16:00 GMT

GET
H2 200 select2.min.css
login.mandiant.com/stylesheets/ 15 KB
2 KB 34ms
33ms Stylesheet
text/css 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.mandiant.com/stylesheets/select2.min.css

Requested by

Host: login.mandiant.com
URL: https://login.mandiant.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:16:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 17:48:39 GMT
server: cloudflare
age: 3616
x-frame-options: DENY
etag: W/"620e8a77-3a76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
strict-transport-security: max-age=16070400; includeSubDomains
cf-ray: 6e1f02754b22693a-FRA
expires: Wed, 23 Feb 2022 09:16:00 GMT

GET
H2 200 jquery.js Show response
login.mandiant.com/javascripts/ 92 KB
33 KB 25ms
24ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.mandiant.com/javascripts/jquery.js

Requested by

Host: login.mandiant.com
URL: https://login.mandiant.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:16:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 17:48:39 GMT
server: cloudflare
age: 3616
x-frame-options: DENY
etag: W/"620e8a77-16eac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
strict-transport-security: max-age=16070400; includeSubDomains
cf-ray: 6e1f02754b26693a-FRA
expires: Wed, 23 Feb 2022 09:16:00 GMT

GET
H2 200 jquery.dataTables.min.js Show response
login.mandiant.com/javascripts/ 69 KB
21 KB 36ms
35ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.mandiant.com/javascripts/jquery.dataTables.min.js

Requested by

Host: login.mandiant.com
URL: https://login.mandiant.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d9001fde03d23b01294cdca5dcd9a4e121cc96a84c0e2cba4b1b65659ca3c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:16:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 17:48:39 GMT
server: cloudflare
age: 3616
x-frame-options: DENY
etag: W/"620e8a77-114c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
strict-transport-security: max-age=16070400; includeSubDomains
cf-ray: 6e1f02755b28693a-FRA
expires: Wed, 23 Feb 2022 09:16:00 GMT

GET
H2 200 jquery.qrcode.min.js Show response
login.mandiant.com/javascripts/ 14 KB
5 KB 111ms
110ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.mandiant.com/javascripts/jquery.qrcode.min.js

Requested by

Host: login.mandiant.com
URL: https://login.mandiant.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b87afcb23325c0004e8fa985ce61c078591a66c7d4b6acde588262b10defb65

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:16:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 17:48:39 GMT
server: cloudflare
age: 3616
x-frame-options: DENY
etag: W/"620e8a77-36ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
strict-transport-security: max-age=16070400; includeSubDomains
cf-ray: 6e1f02755b29693a-FRA
expires: Wed, 23 Feb 2022 09:16:00 GMT

GET
H2 200 bootstrap.min.js Show response
login.mandiant.com/javascripts/ 22 KB
6 KB 47ms
47ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.mandiant.com/javascripts/bootstrap.min.js

Requested by

Host: login.mandiant.com
URL: https://login.mandiant.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda9eb4875faac5fa9d075be71c31f6790cf8b1f8ded57f4fa608cd3b5f41387

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:16:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 17:48:39 GMT
server: cloudflare
age: 3616
x-frame-options: DENY
etag: W/"620e8a77-5741"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
strict-transport-security: max-age=16070400; includeSubDomains
cf-ray: 6e1f02755b2e693a-FRA
expires: Wed, 23 Feb 2022 09:16:00 GMT

GET
H2 200 DT_bootstrap.js Show response
login.mandiant.com/javascripts/ 4 KB
1 KB 38ms
38ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.mandiant.com/javascripts/DT_bootstrap.js

Requested by

Host: login.mandiant.com
URL: https://login.mandiant.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e458a532f28bd893c29465e0be82c904aaab7de0becf0b5ac18ecebadafefb0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:16:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 17:48:39 GMT
server: cloudflare
age: 3616
x-frame-options: DENY
etag: W/"620e8a77-f5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
strict-transport-security: max-age=16070400; includeSubDomains
cf-ray: 6e1f02755b30693a-FRA
expires: Wed, 23 Feb 2022 09:16:00 GMT

GET
H2 200 chosen.jquery.min.js Show response
login.mandiant.com/chosen/ 28 KB
7 KB 32ms
32ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.mandiant.com/chosen/chosen.jquery.min.js

Requested by

Host: login.mandiant.com
URL: https://login.mandiant.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73881513a7e7f8944a311bea8e80e9fad946e256ae74d62b5c8d469dc6df0186

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:16:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 17:48:39 GMT
server: cloudflare
age: 3616
x-frame-options: DENY
etag: W/"620e8a77-71c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
strict-transport-security: max-age=16070400; includeSubDomains
cf-ray: 6e1f02755b32693a-FRA
expires: Wed, 23 Feb 2022 09:16:00 GMT

GET
H2 200 select2.min.js Show response
login.mandiant.com/javascripts/ 69 KB
19 KB 43ms
43ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.mandiant.com/javascripts/select2.min.js

Requested by

Host: login.mandiant.com
URL: https://login.mandiant.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8467b98f112bb1b06a33cde66a70de85c05d22a455f91f592554c804a50a729

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:16:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 17:48:39 GMT
server: cloudflare
age: 3616
x-frame-options: DENY
etag: W/"620e8a77-114eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
strict-transport-security: max-age=16070400; includeSubDomains
cf-ray: 6e1f02755b33693a-FRA
expires: Wed, 23 Feb 2022 09:16:00 GMT

GET
H2 200 MandiantAdvantageLogo.svg
login.mandiant.com/images/logos/ 4 KB
2 KB 34ms
33ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.mandiant.com/images/logos/MandiantAdvantageLogo.svg

Requested by

Host: login.mandiant.com
URL: https://login.mandiant.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a0934a02dc2710d73cd404b998aa9ede408ab1c510469669e0188c666bb7452

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:16:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Feb 2022 17:48:39 GMT
server: cloudflare
age: 3615
x-frame-options: DENY
etag: W/"620e8a77-10c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3600
strict-transport-security: max-age=16070400; includeSubDomains
cf-ray: 6e1f0275abc4693a-FRA
expires: Wed, 23 Feb 2022 09:16:00 GMT

GET sso_bg.svg
login.mandiant.com/images/ 0
0

GET
H2 200 OpenSans-Regular.ttf
login.mandiant.com/fonts/opensans/ 95 KB
95 KB 34ms
34ms Font
application/octet-stream 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.mandiant.com/fonts/opensans/OpenSans-Regular.ttf

Requested by

Host: login.mandiant.com
URL: https://login.mandiant.com/stylesheets/fonts.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://login.mandiant.com/stylesheets/fonts.css
Origin: https://login.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 08:16:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3615
content-length: 96932
last-modified: Thu, 17 Feb 2022 17:48:39 GMT
server: cloudflare
x-frame-options: DENY
etag: "620e8a77-17aa4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=16070400; includeSubDomains
content-type: application/octet-stream
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 6e1f02761ca6693a-FRA
expires: Wed, 23 Feb 2022 09:16:00 GMT

GET OpenSans-Bold.ttf
login.mandiant.com/fonts/opensans/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-X6642ZTDJ7&gtm=2oe2g0&_p=1193743690&sr=1600x1200&gcs=G100&ul=en-us&cid=1960483540.1645604156&dl=https%3A%2F%2Fadvantage.mandiant.com%2Fauth%2Flogin%3FreturnTo%3D%252F&dt=Mandiant%20Advantage&sid=1645604155&sct=1&seg=1&_s=2

Domain: rum-http-intake.logs.datadoghq.com
URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub740828818d18fd181c02f10c642611c3?_dd.application_id=aafde5b0-462c-471a-9493-09e0ed88ac5f&ddsource=browser&ddtags=sdk_version:1.26.3&batch_time=1645604160827

Domain: login.mandiant.com
URL: https://login.mandiant.com/images/sso_bg.svg

Domain: login.mandiant.com
URL: https://login.mandiant.com/fonts/opensans/OpenSans-Bold.ttf

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
advantage.mandiant.com/	1970-01-20 01:06:45	Name: _dd_s Value: rum=1&id=423f09b6-38dd-490c-ae53-2b7e64f79d36&created=1645604155306&expire=1645605055306
.mandiant.com/	1970-01-20 09:52:20	Name: apt.uid Value: AP-GLIY23EWD6MP-2-1-1645604156192-44866681.0.0
.mandiant.com/	1970-01-20 01:06:45	Name: apt.sid Value: AP-GLIY23EWD6MP-2-1-1645604156193-48864357
auth.fireeye.com/	1969-12-31 23:59:59	Name: PF Value: VTXQWIa4Qs9AQ4kIb4xdQh
login.mandiant.com/	1969-12-31 23:59:59	Name: m_sess Value: eeceb27723dcea78b1193acf59f1d2471835423828f7f3b3108a431364ae3f331ab895d7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

advantage.mandiant.com
auth.fireeye.com
login.mandiant.com
mf-packages.mandiant.com
px-esp.mandiant.com
px-sdk.mandiant.com
rum-http-intake.logs.datadoghq.com
web-sdk.aptrinsic.com
www.google-analytics.com
www.googletagmanager.com
login.mandiant.com
rum-http-intake.logs.datadoghq.com
www.google-analytics.com
2600:1f18:24e6:b900:a59b:777e:81ed:2bd8
2600:9000:214f:6400:d:5b57:f7c0:93a1
2606:4700:300b::a29f:f07d
2606:4700:300b::a29f:f67d
2a00:1450:4001:808::200e
2a00:1450:4001:831::2008
35.190.35.221
35.224.119.111
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
0a34f6c2eb07379c39956b895dbe1646351798653782833577a23fed0ebb1ee6
0ce11227c43c875ad3069fc4332d91d00f2ec015218ea2e8486df66ce8d7d637
0d9001fde03d23b01294cdca5dcd9a4e121cc96a84c0e2cba4b1b65659ca3c56
12222adc689853efd89db7e7c1af0a5e4bc8f8e1bf2d51edc780c6bb178ba023
13cf2b4548fb30f8ed00794494849478eee2f71cc0303b167460cca9d146814b
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
170cdf9dc32d14b98d3d6017484403f2b52a57d87fef670328623e95eb7f4941
1a0934a02dc2710d73cd404b998aa9ede408ab1c510469669e0188c666bb7452
1b10f9f87068b5dbfa271e96897218c24cf2d5d7e8362e2f254dc772ed99e4b4
1c062a0da8b8cd34a8e0993e72d818acb6a204b9214f9bfc038c0e9391a1222d
229bbf4d0e7488209564152c6723497f1ac3934136ca1684233d2fa88fa4146f
286a8fbf1188c97fb1574a646b6d2af554ac2ea32b071fb2921ca4cd482a5fe6
2a48c252662cc35474233f9a616fc4fae61b6b67475a43a44b2d48c0944eb7e7
3302a3a731f570aaa2b07e6a476d36430c9a241a3d68ed12a596743db02389ea
3ba93e8907103d54675849231672deb8846b20957e130139fa30021a689b99ed
40d7217c7bad276134f18cdbc68edf1d04058ee47bf54f9a16ac543afeb0ded5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
57ce0cd41aa45fab79bb1ef35c16617b4d028551a8df8319b7fa8dfdd8978797
5c30839f534ca548df1a97a0844ee4c6294e894b8cbe725e891ee9c569e1665f
650fe65a026fc7650948af45fb3a478f2fb535cc845ebe8125251b5d39a7ee1c
6b87afcb23325c0004e8fa985ce61c078591a66c7d4b6acde588262b10defb65
6de98d6b892995b3f3a123f87bce4aedc4da03009b6071b8336c4ab343b4f8ee
7206cf318a71ac0cd59d710fd6318de5bb647e95a1d6dada870eded122b1f0e7
73881513a7e7f8944a311bea8e80e9fad946e256ae74d62b5c8d469dc6df0186
7dd83305b08ffee1233c0ecc66a38fb7d333d396086b66b0faa2cdbb8af2ef02
82414bb189b74364d7ada8a4a5a8bfcd473e6818268fd927fbbfe33256492b73
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833f5a58df4d6a88a3145cc7db04641782301e4a748a0e4d8240ca245c1b53f9
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8947b20fbda9e346ac24265d0176335b5d920bccb006006a764fe05e96940b2f
9674bd4b9d9de552fb9432c2dec4b3ad96ec8412bf99901fd9a0dbacc652be70
9787ae9e864853f5fe0b383595b33b307ce6bb8ea5a2a9b0dbfe2a5168bf494e
9b41d8fc785e8fa02fe828fb9a493b1a757f48cc99fc960a006eee65ad9b340b
9cd549ab448dcb61670d11856919c843c0ab510c6a29dd0ae62a66bbf885264c
9db33292007ab6c38527b39d5663e976a305564e19b2a5a8713ea2b2c00f505d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a8b43e505a08e0831cec29c4bb00394c3bd2256d8a106d4a45af93be02278f0f
a97ef3f0545bfb3c9e87af61a1fba67f41f2deb00dc95c26d437dace5809d5a6
ac5e795ef85ed1a2f77281ce4ed960ed9436e2ceaaf1f8ca4bca28e0c5f7c924
ac737670e4c4fd04d8472526f0e8cd83c9ce0b0dfbe0ba0276630c19e917e165
ace01711c76816754c3eee2fbc94866cc533ed497088f15b1834e61171972b04
b05a718dd4613ab0ba994b9b66609497b4baff74d1e04aea179e4786581bec64
b770a845bb167e2a9d1af5c68533a1d2205218b7681528946f32774bbe2be01f
c8467b98f112bb1b06a33cde66a70de85c05d22a455f91f592554c804a50a729
c86253677f5c8a4ca074e91a987630e0a06271b68e9f939686a86347b902835f
cbda88f36212a4d7a5a185cb0a603baab1b1d619094d6780636af36b65719210
cd0992c3742ec06160e65b0bf5cfe3ce6eb3a2ca06a8fda6620ab23a48a710de
cda9eb4875faac5fa9d075be71c31f6790cf8b1f8ded57f4fa608cd3b5f41387
d0b8c9bab2c9a1ad63707691c0c0e75f6110f15a60a543054ffe22f9312d2f27
d30d18d3a7060d79411cf133b26e1498e92f869a04165aed0fc8629a0299a3f6
d71781c84bb060f63094ef0e9536cfc8473b6820ebe1bcf6c655f4f5fde5ae05
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e458a532f28bd893c29465e0be82c904aaab7de0becf0b5ac18ecebadafefb0d
ee350fa0558220e755caed50a34b2cd6ad03cbad49560fdae1c74bfdbd9fec28
f17bd19b227770c876a931b1fd37cb370b940c68290767714ebe70832ce4a79f
f2e82b1afb1aff1a5d9a7530b3309367b4bb294f3f588eeff7d44e606a405d33
f50368798b3c81dd9f4b283fe16bf2b5e2711ee63c265fb5cee52d10a99fe686
fb01538cec5187f0d95956e2d61f214b760c8505cf32cb88c6c4a8a70b13e649
fe685a0131825c98778104624b1d4fbbc115f299ac694f3b00e45d69cb764128

login.mandiant.com Open in urlscan Pro 2606:4700:300b::a29f:f07d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

95 %HTTPS

75 %IPv6

6 Domains

10 Subdomains

9 IPs

2 Countries

8888 kBTransfer

10405 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login.mandiant.com Open in urlscan Pro
2606:4700:300b::a29f:f07d Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

95 %
HTTPS

75 %
IPv6

6
Domains

10
Subdomains

9
IPs

2
Countries

8888 kB
Transfer

10405 kB
Size

5
Cookies

75 HTTP transactions
0 data transactions