www.mandiant.com Open in urlscan Pro
2606:4700:300b::a29f:f17d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAGBNGw-WX7ywlYM_JT-xm0RZL9hn-BpK0KF6pEo4T4WKUxbXg0LYo-tJPsCkRTDdHK3u24Fyj0=
Effective URL:
https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPw...
Submission: On December 07 via api (December 7th 2021, 3:19:15 pm UTC) from US — Scanned from DE

Summary HTTP 178 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 44 IPs in 6 countries across 34 domains to perform 178 HTTP transactions. The main IP is 2606:4700:300b::a29f:f17d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mandiant.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 4th 2021. Valid for: a year.

This is the only time www.mandiant.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.74.206 104.17.74.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2606:4700:300... 2606:4700:300b::a29f:f17d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:300... 2606:4700:300b::a29f:f67d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.17.72.206 104.17.72.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.225.87.38 13.225.87.38	16509 (AMAZON-02) (AMAZON-02)
6 46	151.101.1.181 151.101.1.181	54113 (FASTLY) (FASTLY)
8	143.204.98.112 143.204.98.112	16509 (AMAZON-02) (AMAZON-02)
1 9	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	143.204.98.28 143.204.98.28	16509 (AMAZON-02) (AMAZON-02)
2	3.224.194.123 3.224.194.123	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba08	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.111.234.67 104.111.234.67	16625 (AKAMAI-AS) (AKAMAI-AS)
6	104.111.233.140 104.111.233.140	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.224.197.80 13.224.197.80	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.27 13.224.189.27	16509 (AMAZON-02) (AMAZON-02)
1	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	2620:119:50e8... 2620:119:50e8:101::9002:f05	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
2	3.120.81.78 3.120.81.78	16509 (AMAZON-02) (AMAZON-02)
1	13.225.87.16 13.225.87.16	16509 (AMAZON-02) (AMAZON-02)
2 2	34.248.11.216 34.248.11.216	16509 (AMAZON-02) (AMAZON-02)
1 2	13.225.87.31 13.225.87.31	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	3.220.98.13 3.220.98.13	14618 (AMAZON-AES) (AMAZON-AES)
1	54.218.116.118 54.218.116.118	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3 9	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	162.247.242.18 162.247.242.18	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
6	3.89.170.15 3.89.170.15	14618 (AMAZON-AES) (AMAZON-AES)
178	44

1 104.17.74.206 (None, )

ASN13335 (CLOUDFLARENET, US)

pages.fireeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:300b::a29f:f17d (United States)

ASN13335 (CLOUDFLARENET, US)

www.mandiant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:300b::a29f:f67d (United States)

ASN13335 (CLOUDFLARENET, US)

www.fireeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.72.206 (None, )

ASN13335 (CLOUDFLARENET, US)

www2.fireeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.87.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-38.fra2.r.cloudfront.net

cdn-0.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 151.101.1.181 (United States) 6 redirects

ASN54113 (FASTLY, US)

play.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 143.204.98.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-112.fra50.r.cloudfront.net

cdn.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.98.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-28.fra50.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.224.194.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-194-123.compute-1.amazonaws.com

vff4596.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba08 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.234.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-67.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.233.140 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-140.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.197.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-197-80.fra2.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-27.fra2.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e8:101::9002:f05 (San Francisco, United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

177-vpk-082.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.81.78 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-81-78.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-16.fra2.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.11.216 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-11-216.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.87.31 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-31.fra2.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.98.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-98-13.compute-1.amazonaws.com

ff.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.218.116.118 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-218-116-118.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.70 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

11449174.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
11363283.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.18 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.89.170.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-89-170-15.compute-1.amazonaws.com

raw.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	vidyard.com 6 redirects play.vidyard.com cdn.vidyard.com assets.vidyard.com raw.vidyard.com	923 KB
26	mandiant.com www.mandiant.com	660 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com	803 KB
12	google.com 1 redirects www.google.com adservice.google.com	46 KB
11	doubleclick.net 3 redirects googleads.g.doubleclick.net 11449174.fls.doubleclick.net 11363283.fls.doubleclick.net stats.g.doubleclick.net	4 KB
8	fireeye.com pages.fireeye.com www.fireeye.com www2.fireeye.com	147 KB
6	6sc.co j.6sc.co c.6sc.co b.6sc.co	13 KB
6	googletagmanager.com www.googletagmanager.com	255 KB
5	trustarc.com consent.trustarc.com	26 KB
5	d41.co cdn-0.d41.co vff4596.d41.co ff.d41.co	246 KB
4	google-analytics.com www.google-analytics.com	20 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
3	company-target.com 1 redirects api.company-target.com segments.company-target.com	2 KB
3	bing.com bat.bing.com	11 KB
3	facebook.net connect.facebook.net	134 KB
2	bidr.io 2 redirects match.prod.bidr.io	1019 B
2	6sense.com epsilon.6sense.com	748 B
2	segment.com cdn.segment.com	25 KB
2	marketo.net munchkin.marketo.net	6 KB
2	addtoany.com static.addtoany.com	26 KB
1	nr-data.net bam.nr-data.net	322 B
1	newrelic.com js-agent.newrelic.com	13 KB
1	segment.io api.segment.io	143 B
1	facebook.com www.facebook.com	295 B
1	rlcdn.com id.rlcdn.com	66 B
1	t.co t.co	470 B
1	twitter.com analytics.twitter.com	673 B
1	mktoresp.com 177-vpk-082.mktoresp.com	311 B
1	adnxs.com secure.adnxs.com	690 B
1	demandbase.com tag.demandbase.com	16 KB
1	licdn.com snap.licdn.com	2 KB
1	ads-twitter.com static.ads-twitter.com	6 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	cloudflare.com cdnjs.cloudflare.com	5 KB
178	34

	Domain	Requested by
26	play.vidyard.com	6 redirects www.mandiant.com play.vidyard.com www.googletagmanager.com assets.vidyard.com
26	www.mandiant.com	pages.fireeye.com www.mandiant.com
20	assets.vidyard.com	play.vidyard.com assets.vidyard.com
10	www.gstatic.com	www.google.com www.gstatic.com
9	www.google.com	1 redirects www.mandiant.com www.gstatic.com www.google.com
8	cdn.vidyard.com	www.mandiant.com assets.vidyard.com
6	raw.vidyard.com	assets.vidyard.com
6	11449174.fls.doubleclick.net	2 redirects www.googletagmanager.com www.mandiant.com
6	www.googletagmanager.com	www.mandiant.com www.googletagmanager.com
6	www2.fireeye.com	www.mandiant.com www2.fireeye.com
5	consent.trustarc.com	www.mandiant.com
4	www.google-analytics.com	www.googletagmanager.com www.mandiant.com
4	b.6sc.co	www.mandiant.com
3	adservice.google.com	11449174.fls.doubleclick.net 11363283.fls.doubleclick.net
3	11363283.fls.doubleclick.net	1 redirects www.googletagmanager.com www.mandiant.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.mandiant.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	segments.company-target.com	1 redirects www.mandiant.com
2	match.prod.bidr.io	2 redirects
2	epsilon.6sense.com	j.6sc.co
2	px.ads.linkedin.com	2 redirects
2	cdn.segment.com	pages.fireeye.com cdn.segment.com
2	munchkin.marketo.net	pages.fireeye.com munchkin.marketo.net
2	fonts.gstatic.com	fonts.googleapis.com www.google.com
2	vff4596.d41.co	cdn-0.d41.co
2	static.addtoany.com	www.mandiant.com static.addtoany.com
2	cdn-0.d41.co	www.mandiant.com cdn-0.d41.co
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.mandiant.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	www.mandiant.com
1	api.segment.io	cdn.segment.com
1	ff.d41.co	cdn-0.d41.co
1	www.facebook.com	www.mandiant.com
1	id.rlcdn.com	www.mandiant.com
1	api.company-target.com	tag.demandbase.com
1	t.co	www.mandiant.com
1	analytics.twitter.com	static.ads-twitter.com
1	177-vpk-082.mktoresp.com	munchkin.marketo.net
1	px4.ads.linkedin.com	www.mandiant.com
1	www.linkedin.com	1 redirects
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	tag.demandbase.com	pages.fireeye.com
1	j.6sc.co	pages.fireeye.com
1	snap.licdn.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	fonts.googleapis.com	consent.trustarc.com
1	cdnjs.cloudflare.com	www.mandiant.com
1	www.fireeye.com	www.mandiant.com
1	pages.fireeye.com
178	51

This site contains links to these domains. Also see Links.

Domain
investors.mandiant.com
careers.smartrecruiters.com
login.mandiant.com
community.fireeye.com
partners.fireeye.com
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
trustarc.com

Subject Issuer	Validity	Valid
pages.fireeye.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
mandiant.com Cloudflare Inc ECC CA-3	`2021-11-04` - `2022-11-03`	a year	crt.sh
fireeye.com Cloudflare Inc ECC CA-3	`2021-09-29` - `2022-09-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
www2.fireeye.com Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
*.d41.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-18` - `2022-03-21`	a year	crt.sh
*.vidyard.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-15` - `2021-12-14`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
*.6sc.co DigiCert SHA2 Secure Server CA	`2021-03-09` - `2022-03-16`	a year	crt.sh
*.segment.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-19` - `2022-08-09`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-18` - `2022-10-14`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.6sense.com Amazon	`2021-06-30` - `2022-07-29`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-20` - `2022-09-26`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 15 frames:

Primary Page: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Frame ID: FD27FF38E98A28DA5F9276B376184525
Requests: 116 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: CEBBE0D294C29EA7AFEE4394A55F11A9
Requests: 1 HTTP requests in this frame

Frame: https://www2.fireeye.com/index.php/form/XDFrame
Frame ID: 3D0DF66F20ADB24A3040C046C7E2E998
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=normal&cb=v35uc6k7yvxs
Frame ID: 4F4DC533AD92E1AD5EB83D81E30EC363
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=compact&cb=1kqhio3m3z4
Frame ID: C24E24D5E2B41E2D1FB1B8215250CB8D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=normal&cb=v35uc6k7yvxs
Frame ID: 82C7C52FDBFDA37CC4D75EE0B79A050A
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=compact&cb=1kqhio3m3z4
Frame ID: 6A2CF98C91BB0E6428AA3C8A39362388
Requests: 4 HTTP requests in this frame

Frame: https://11449174.fls.doubleclick.net/activityi;dc_pre=CMiByqr-0fQCFbcfBgAd9JYCdw;src=11449174;type=adv;cat=mandi0;ord=2410530240769;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Frame ID: 2B91E6D11A90C5D1AEAE5C1558E8D2AB
Requests: 1 HTTP requests in this frame

Frame: https://11449174.fls.doubleclick.net/activityi;dc_pre=CM_Byqr-0fQCFcaY1Qoddt0MQQ;src=11449174;type=hmpg;cat=mandi0;ord=957244594245;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Frame ID: BF906612F409402137912386D99527B0
Requests: 2 HTTP requests in this frame

Frame: https://11363283.fls.doubleclick.net/activityi;dc_pre=CKfxyqr-0fQCFVKx1QodZm0Jvg;src=11363283;type=invmedia;cat=mandi0;ord=6006218648704;gtm=2odc10;gcs=G111;auiddc=1366996721.1638890352;u1=%5BAudience%5D;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Frame ID: A0406DAAE06037B0779692C30FF28E95
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Frame ID: F131482E85380FC96FAB6FF3149AB613
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Frame ID: 5BA070E8C8CE7543D9AD6E75FBCC3292
Requests: 3 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMiByqr-0fQCFbcfBgAd9JYCdw;src=11449174;type=adv;cat=mandi0;ord=2410530240769;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Frame ID: 57698F73DB584042F578C77C17B5343E
Requests: 1 HTTP requests in this frame

Frame: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Frame ID: DC6E7B7F1D77302BCEEEFF3BE4382242
Requests: 15 HTTP requests in this frame

Frame: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Frame ID: 45DFC6B866D3E3AE13E8BC37444E9B8D
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cyber Threat Intelligence | Mandiant Threat Intelligence Free

Page URL History Show full URLs

https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAGBNGw-WX7ywlYM_JT-xm0RZL9hn-BpK0KF6pEo4T4WKUxbXg0LYo-tJPsC... Page URL
https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-W... Page URL

Page Statistics

178
Requests

94 %
HTTPS

39 %
IPv6

34
Domains

51
Subdomains

44
IPs

6
Countries

3391 kB
Transfer

9323 kB
Size

35
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://investors.mandiant.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://careers.smartrecruiters.com/mandiant/all/
Title: Careers

Search URL Search Domain Scan URL

URL: https://login.mandiant.com/
Title: .userlayer-1{fill:none;stroke-miterlimit:10;stroke-width:15px}

Search URL Search Domain Scan URL

URL: https://community.fireeye.com/
Title: Community

Search URL Search Domain Scan URL

URL: https://partners.fireeye.com/English/
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Mandiant

Search URL Search Domain Scan URL

URL: https://twitter.com/Mandiant

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCexu0DP7VKdDByusuTA53FQ

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mandiant/

Search URL Search Domain Scan URL

URL: https://trustarc.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAGBNGw-WX7ywlYM_JT-xm0RZL9hn-BpK0KF6pEo4T4WKUxbXg0LYo-tJPsCkRTDdHK3u24Fyj0= Page URL
https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg

Request Chain 15

https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg

Request Chain 71

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1638890351848&url=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3460746%26time%3D1638890351848%26url%3Dhttps%253A%252F%252Fwww.mandiant.com%252Fadvantage%252Fthreat-intelligence%252Ffree-version%253Fmkt_tok%253DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1638890351848&url=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1638890351848&url=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c&liSync=true&e_ipv6=AQIveprJwsimsAAAAX2VejI1iMlYgNULvdpReAJpPRC-y2v_3XZDx-bY4B1JN78OsWy06zM

Request Chain 79

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAETCU7DXvcAACoct4Xh-w HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAETCU7DXvcAACoct4Xh-w&verifyHash=4257105fb93d233c21167a15811d5806050a143c

Request Chain 103

https://www.google.com/pagead/landing?gcs=G111&gcd=G111&rnd=1486144230.1638890352&url=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version&gtm=2wgc10T72STLD&auid=1366996721.1638890352 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=1486144230.1638890352&url=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version&gtm=2wgc10T72STLD&auid=1366996721.1638890352

Request Chain 104

https://11449174.fls.doubleclick.net/activityi;src=11449174;type=adv;cat=mandi0;ord=2410530240769;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c HTTP 302
https://11449174.fls.doubleclick.net/activityi;dc_pre=CMiByqr-0fQCFbcfBgAd9JYCdw;src=11449174;type=adv;cat=mandi0;ord=2410530240769;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c

Request Chain 105

https://11449174.fls.doubleclick.net/activityi;src=11449174;type=hmpg;cat=mandi0;ord=957244594245;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c HTTP 302
https://11449174.fls.doubleclick.net/activityi;dc_pre=CM_Byqr-0fQCFcaY1Qoddt0MQQ;src=11449174;type=hmpg;cat=mandi0;ord=957244594245;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c

Request Chain 106

https://11363283.fls.doubleclick.net/activityi;src=11363283;type=invmedia;cat=mandi0;ord=6006218648704;gtm=2odc10;gcs=G111;auiddc=1366996721.1638890352;u1=%5BAudience%5D;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c HTTP 302
https://11363283.fls.doubleclick.net/activityi;dc_pre=CKfxyqr-0fQCFVKx1QodZm0Jvg;src=11363283;type=invmedia;cat=mandi0;ord=6006218648704;gtm=2odc10;gcs=G111;auiddc=1366996721.1638890352;u1=%5BAudience%5D;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c

Request Chain 148

https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg

Request Chain 150

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg

Request Chain 164

https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg

Request Chain 170

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg

178 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 ODQ4LURJRC0yNDIAAAGBNGw-WX7ywlYM_JT-xm0RZL9hn-BpK0KF6pEo4T4WKUxbXg0LYo-tJPsCkRTDdHK3u24Fyj0=
pages.fireeye.com/ 511 B
872 B 238ms
209ms Document
text/html 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAGBNGw-WX7ywlYM_JT-xm0RZL9hn-BpK0KF6pEo4T4WKUxbXg0LYo-tJPsCkRTDdHK3u24Fyj0=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 07 Dec 2021 15:19:10 GMT
content-type: text/html
cache-control: private, no-cache, no-store, max-age=0
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b9ebb135b511f19-FRA
content-encoding: gzip

GET
H2 200 Primary Request free-version Show response
www.mandiant.com/advantage/threat-intelligence/ 196 KB
56 KB 704ms
681ms Document
text/html 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c

Requested by

Host: pages.fireeye.com
URL: https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAGBNGw-WX7ywlYM_JT-xm0RZL9hn-BpK0KF6pEo4T4WKUxbXg0LYo-tJPsCkRTDdHK3u24Fyj0=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44cc0a59361505bbaa3e701d19ffbb7d9dc71afa75ffb03562f3b229ea8460b1

Security Headers

Name	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://pages.fireeye.com/

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=2764800, public
link: <https://www.mandiant.com/advantage/threat-intelligence/free-version>; rel="canonical" <https://www.mandiant.com/advantage/threat-intelligence/free-version>; rel="alternate"; hreflang="en" <https://www.mandiant.jp/advantage/threat-intelligence/free-version>; rel="alternate"; hreflang="ja" <https://www.mandiant.kr/advantage/threat-intelligence/free-version>; rel="alternate"; hreflang="ko" <https://www.mandiant.com/advantage/threat-intelligence/free-version>; rel="revision"
x-ua-compatible: IE=edge
content-language: en
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
permissions-policy: interest-cohort=()
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Tue, 07 Dec 2021 15:19:11 GMT
etag: "1638890351"
vary: Cookie,Accept-Encoding
content-security-policy: report-uri /report-csp-violation
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin
expect-ct: max-age=86400
content-encoding: gzip
x-request-id: v-07a4cb0e-5771-11ec-a937-c343f9ab489d
x-ah-environment: prod
age: 0
via: varnish
x-cache: MISS
accept-ranges: bytes
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b9ebb155c8868fd-FRA

GET
H2 200 google_tag.script.js Show response
www.mandiant.com/sites/default/files/google_tag/google_tag_manager/ 348 B
427 B 43ms
42ms Script
application/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/google_tag/google_tag_manager/google_tag.script.js?r3p9at

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b7eb2b28fbf8ad29058540ee28e8b49701e0e47351ff25d3b688fcef9b2a88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86234
x-cache: HIT
x-cache-hits: 13
x-ah-environment: prod
content-length: 280
x-request-id: v-1c767722-56a8-11ec-8df6-f79b125d6909
last-modified: Mon, 06 Dec 2021 15:20:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb19e90668fd-FRA
expires: Tue, 21 Dec 2021 15:19:11 GMT

GET
H2 200 css_G5YARZu17GSUDC0nIIv0-f_93oapmxyzwNErH_f7i6E.css
www.mandiant.com/sites/default/files/css/ 9 KB
3 KB 52ms
50ms Stylesheet
text/css 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_G5YARZu17GSUDC0nIIv0-f_93oapmxyzwNErH_f7i6E.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b9600459bb5ec64940c2d27208bf4f9fffdde86a99b1cb3c0d12b1ff7fb8ba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 414445
x-cache: HIT
x-cache-hits: 31
x-ah-environment: prod
content-length: 2495
x-request-id: v-dde4df5e-53a9-11ec-ab3c-23ed3651c287
last-modified: Mon, 08 Nov 2021 20:48:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb19e90868fd-FRA
expires: Tue, 21 Dec 2021 15:19:11 GMT

GET
H2 200 clientlibs_recaptcha.min.css
www.fireeye.com/etc/designs/fireeye-www/ 649 B
1019 B 109ms
55ms Stylesheet
text/css 2606:4700:300b::a29f:f67d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fireeye.com/etc/designs/fireeye-www/clientlibs_recaptcha.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f67d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee33831b0f69f4fd2300024df8f2488a4a7a4093cfcc5e28062e128308478f9

Security Headers

Name	Value
Content-Security-Policy	worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://content.fireeye.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-dispatcher: dispatcher1uswest1
date: Tue, 07 Dec 2021 15:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6775
x-vhost: publish
vary: Accept-Encoding,User-Agent
content-length: 373
x-xss-protection: 1; mode=block
last-modified: Fri, 03 Dec 2021 19:13:52 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://content.fireeye.com
etag: "289-5d242b51ffc00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: public, max-age=14400
content-security-policy: worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
accept-ranges: bytes
cf-ray: 6b9ebb1a3ed85c80-FRA
expires: Tue, 07 Dec 2021 19:19:11 GMT

GET
H2 200 css_BweRyY4MF3DKxwEjrIb8pucoG3rsHMgtQTr6NjXV5WA.css
www.mandiant.com/sites/default/files/css/ 1 KB
572 B 29ms
28ms Stylesheet
text/css 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_BweRyY4MF3DKxwEjrIb8pucoG3rsHMgtQTr6NjXV5WA.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

070791c98e0c1770cac70123ac86fca6e7281b7aec1cc82d413afa3635d5e560

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 414445
x-cache: HIT
x-cache-hits: 28
x-ah-environment: prod
content-length: 297
x-request-id: v-7c4e3fc4-53a9-11ec-bf7b-3728103fc156
last-modified: Thu, 18 Nov 2021 22:59:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb19e90c68fd-FRA
expires: Tue, 21 Dec 2021 15:19:11 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/ 23 KB
5 KB 60ms
43ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 413104
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4364
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-5cbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAU5YeNqKer5UYB9AyHF2ZEwQif%2FxdEGYGPwT4Tri6lMZnDMX5gATcwtNlNejIZczIuHda%2FDVPvCIUqdIkGeskP1LJF9FjZZ5cx9a8aL%2BPqNmA3DOsyGqdKbckhD5v%2FUNIhEyMHqJJTKJjK0LMDa%2Fa0z"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b9ebb1a08144e74-FRA
expires: Sun, 27 Nov 2022 15:19:11 GMT

GET
H2 200 css_JuaZYhYzTuce8L3JZ6j0GyZOs2h_5fEgIt5Rk2gSDFk.css
www.mandiant.com/sites/default/files/css/ 143 KB
21 KB 30ms
30ms Stylesheet
text/css 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_JuaZYhYzTuce8L3JZ6j0GyZOs2h_5fEgIt5Rk2gSDFk.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26e6996216334ee71ef0bdc967a8f41b264eb3687fe5f12022de519368120c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 415400
x-cache: HIT
x-cache-hits: 1
x-ah-environment: prod
content-length: 21680
x-request-id: v-d4a74f1c-53a9-11ec-b86e-fb77c80ecb69
last-modified: Mon, 08 Nov 2021 20:48:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb19e91068fd-FRA
expires: Tue, 21 Dec 2021 15:19:11 GMT

GET
H2 200 css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css
www.mandiant.com/sites/default/files/css/ 205 KB
25 KB 33ms
33ms Stylesheet
text/css 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65be7e38d2dd34310f31924337a5960a7914ace32b18fc267f39736360c80e28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 86245
x-cache: HIT
x-cache-hits: 20
x-ah-environment: prod
content-length: 25598
x-request-id: v-15b39a96-56a8-11ec-93fb-e3ce9794db96
last-modified: Mon, 06 Dec 2021 15:20:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb19e91368fd-FRA
expires: Tue, 21 Dec 2021 15:19:11 GMT

GET
H2 200 mndt-gen-tall-bg.jpg
www.mandiant.com/sites/default/files/2021-09/ 6 KB
6 KB 29ms
26ms Image
image/jpeg 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/2021-09/mndt-gen-tall-bg.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

185fd25b606e486fb8bec09f4a0f2e58bce5d9b140d4c6c19637758373d0cb05

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 414445
x-cache: HIT
last-modified: Mon, 27 Sep 2021 18:09:55 GMT
x-cache-hits: 26
x-ah-environment: prod
content-length: 5790
x-request-id: v-dde42546-53a9-11ec-8b16-cbce87559d5b
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb1a9b1b68fd-FRA
expires: Tue, 21 Dec 2021 15:19:11 GMT

GET
H2 200 forms2.min.js Show response
www2.fireeye.com/js/forms2/js/ 205 KB
68 KB 61ms
39ms Script
application/x-javascript 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.fireeye.com/js/forms2/js/forms2.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689a0237a95cfd8135f8da3ac79c430e903f3c542f8b862f68141c84c348c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 12 Oct 2021 18:01:53 GMT
server: cloudflare
age: 7037
etag: "4814ec-33210-5ce2ba3f1c640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 6b9ebb1a9fcf2b16-FRA
expires: Tue, 07 Dec 2021 19:19:11 GMT

GET
H/1.1 200
OK ff-2.min.js Show response
cdn-0.d41.co/tags/ 169 KB
169 KB 40ms
11ms Script
application/javascript 13.225.87.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.d41.co/tags/ff-2.min.js
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-38.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e111614ac18cf0c829a3dbfc6aff736c03536ec281330daf38e4bb3fb6ddfca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:17:51 GMT
Via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
Last-Modified: Tue, 24 Nov 2020 18:53:44 GMT
Server: AmazonS3
Age: 102
ETag: "da4912a78302efa0a3cb5d43a88f0e41"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 172705
X-Amz-Cf-Id: UCo5P5pXVs7gRqwBi3yxqWg5NDSNnPzS4v-tQSj1qrfH1UBkp17-qw==

GET
H2 200 v4.js Show response
play.vidyard.com/embed/ 71 KB
23 KB 25ms
7ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/embed/v4.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a29e92b61e28d33c457c5f690d3df6f5f7de9d40e2475eccd2e20ea9b35447d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
content-encoding: gzip
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
age: 7976
x-cache: HIT
x-cache-hits: 7
content-length: 23117
x-served-by: cache-fra19162-FRA
x-china: 0
last-modified: Thu, 07 Oct 2021 20:52:13 GMT
etag: "bdf2778beb70cd0653688fd53c09f6e5"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

441540270d5448e57af7b1.jpg
cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/
Redirect Chain

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc.jpg
https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg

31 KB
32 KB

76ms
25ms

Image
image/jpeg

143.204.98.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Protocol: H2
Server: 143.204.98.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65867ea85abfa1983033b5a41d096b93216909fbb4e1b40ce385f5f59ef9757f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 22:33:18 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-cdn: cloudfront
age: 492354
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31938
last-modified: Tue, 10 Aug 2021 22:02:40 GMT
server: AmazonS3
etag: "09c372482f3c326fb5c1843a299311cb"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: cl5WY7vxSLptLbC0e5yN1hAcwUJIA3i3
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: E2glCz2y2-RANmy8zlkkUheoco0etNbfNMkLvJBUISjTtOtU-J-F8A==

Redirect headers

date: Tue, 07 Dec 2021 15:19:11 GMT
via: 1.1 varnish
age: 530071
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 106
x-served-by: cache-fra19162-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
location: https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg
x-timer: S1638890352.794178,VS0,VE1
x-frame-options: ALLOWALL
vary: Accept, X-ThumbnailAB, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 IDC_logo.png
www.mandiant.com/sites/default/files/2021-09/ 33 KB
33 KB 48ms
46ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/2021-09/IDC_logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9537e3f5594de1f0ff9699c91ce421f2deb6db5929e7b7c5735deebbb6f3b214

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 414445
x-cache: HIT
x-cache-hits: 24
x-ah-environment: prod
content-length: 33645
x-request-id: v-7cba3df0-53a9-11ec-b460-fb16b5402aad
last-modified: Sat, 25 Sep 2021 19:05:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb1a9b1e68fd-FRA
expires: Tue, 21 Dec 2021 15:19:11 GMT

GET
H2 200 MAN_Sandra_%20Joyce_headshot.jpg
www.mandiant.com/sites/default/files/2021-09/ 55 KB
55 KB 34ms
32ms Image
image/jpeg 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/2021-09/MAN_Sandra_%20Joyce_headshot.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae4e360b00b933d5c83d792b3cad8423b88cacb13d72bf9c965b730a704d4b00

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 414445
x-cache: HIT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 23
x-ah-environment: prod
content-length: 56278
x-request-id: v-7cb88302-53a9-11ec-95b1-7760fe7fc0dc
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb1a9b2068fd-FRA
expires: Tue, 21 Dec 2021 15:19:11 GMT

GET
H2

200

72c7c0397b3d11203ba8a8.jpg
cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/
Redirect Chain

https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx.jpg
https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg

37 KB
38 KB

67ms
16ms

Image
image/jpeg

143.204.98.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Protocol: H2
Server: 143.204.98.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 201a094b137fdd3a1ba4188dc6b516deed19d1478e98eafb228fd247629a291b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 19:43:14 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-cdn: cloudfront
age: 70558
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 38093
last-modified: Thu, 12 Aug 2021 21:28:14 GMT
server: AmazonS3
etag: "fac35442dc3f54400feda4067e98bdc9"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: .4W53FlrEOMwGZ_0xSp_2Ygzm.6IzDtB
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: zOnjo7sPgAZ5va8YBmOmZmhY_gTEXhmxIjlEtc4o-KbjFGp6Np22eg==

Redirect headers

date: Tue, 07 Dec 2021 15:19:11 GMT
via: 1.1 varnish
age: 1232605
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 106
x-served-by: cache-fra19162-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
location: https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg
x-timer: S1638890352.794241,VS0,VE1
x-frame-options: ALLOWALL
vary: Accept, X-ThumbnailAB, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 js__zWLHjtkO5Qy3Slw8a_dqeWxAexSrVlUa1-AQ6AuCmE.js Show response
www.mandiant.com/sites/default/files/js/ 113 KB
39 KB 44ms
41ms Script
text/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/js/js__zWLHjtkO5Qy3Slw8a_dqeWxAexSrVlUa1-AQ6AuCmE.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff358b1e3b643b9432dd2970f1afdda9e5b101ec52ad59546b5f8043a02e0a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 415400
x-cache: HIT
x-cache-hits: 1
x-ah-environment: prod
content-length: 39817
x-request-id: v-d4a9a71c-53a9-11ec-ac44-8fceaf70d0db
last-modified: Thu, 18 Nov 2021 22:58:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb1a9b1168fd-FRA
expires: Tue, 21 Dec 2021 15:19:11 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 910 B
994 B 40ms
17ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

af893638a2d983d9d79b699ab8ae2f7f507a67c4bca1911b9a377a7c6f44a2e9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 1; mode=block
expires: Tue, 07 Dec 2021 15:19:11 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 72 KB
26 KB 65ms
36ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24925
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 01 Dec 2021 08:23:25 GMT
server: cloudflare
etag: W/"11ee2-5d2116348919c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 6b9ebb1ac8785c80-FRA
cf-bgj: minify

GET
H2 200 js_DJqz5xCfQu-Yr7rUOOxgJ47K_FcWItixkKNccz28wPY.js Show response
www.mandiant.com/sites/default/files/js/ 174 KB
55 KB 46ms
43ms Script
text/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/js/js_DJqz5xCfQu-Yr7rUOOxgJ47K_FcWItixkKNccz28wPY.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c9ab3e7109f42ef98afbad438ec60278ecafc571622d8b190a35c733dbcc0f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 415400
x-cache: HIT
x-cache-hits: 1
x-ah-environment: prod
content-length: 56326
x-request-id: v-d4a93db8-53a9-11ec-875f-dbb59d938f1d
last-modified: Thu, 18 Nov 2021 23:24:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb1a9b1568fd-FRA
expires: Tue, 21 Dec 2021 15:19:11 GMT

GET
H2 200 eb5srz Show response
consent.trustarc.com/v2/notice/ 68 KB
20 KB 54ms
14ms Script
text/javascript 143.204.98.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.trustarc.com/v2/notice/eb5srz
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-28.fra50.r.cloudfront.net
Software: openresty/1.15.8.2 /
Resource Hash: 4aa634ff603b82270844bf4f7af48701d5d8b53685245b7b8aadeeaa7c737e79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:13:15 GMT
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
server: openresty/1.15.8.2
age: 356
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: FRA50-C1
content-encoding: gzip
x-amz-cf-id: CzW8NTKcsVLepLWndGb1oMJJAgsvreJ0l-7EtCP_IDywg6Oc6dDZeA==

GET
H2 200 fontloader.built.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 7 KB
2 KB 33ms
31ms Script
application/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/fontloader.built.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88cb9efe9226cab0669f7f6cdf082ec49a48a58f6411b69864b6f952928b979a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 415398
x-cache: HIT
x-cache-hits: 1
x-ah-environment: prod
content-length: 2315
x-request-id: v-d50846dc-53a9-11ec-804c-7b9f7e47d771
last-modified: Tue, 28 Sep 2021 02:55:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb1a9b2468fd-FRA
expires: Tue, 21 Dec 2021 15:19:11 GMT

GET
H2 200 arrow-red.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 234 B
357 B 36ms
36ms Image
image/svg+xml 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/arrow-red.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0eab324aea216ff6432155a5cdbd59b7c1429f7d27be852f9dd037c7ade0377c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 415398
x-cache: HIT
x-cache-hits: 1
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-d51ecf7e-53a9-11ec-bdeb-d385e1693d25
last-modified: Thu, 26 Aug 2021 20:19:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 6b9ebb1aab3d68fd-FRA
expires: Tue, 21 Dec 2021 15:19:11 GMT

GET
H2 200 Barlow-Regular.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 55 KB
55 KB 28ms
28ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Regular.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f269cafacd48c650b7c76973b7192a4593125d9b957bfa3b57a89e835ec0df1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 415301
x-cache: HIT
x-cache-hits: 21
x-ah-environment: prod
content-length: 56020
x-request-id: v-d55da316-53a9-11ec-b7ac-d7868fc55c42
last-modified: Thu, 26 Aug 2021 20:19:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb1adbc668fd-FRA
expires: Tue, 21 Dec 2021 15:19:11 GMT

GET
H2 200 PTMono-Regular.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/mono/ 71 KB
71 KB 38ms
38ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/mono/PTMono-Regular.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfaed587b938cc953c5008f257ed1e661e9d2e2f907bd5b520fc4b9348985a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 415272
x-cache: HIT
x-cache-hits: 26
x-ah-environment: prod
content-length: 72380
x-request-id: v-d55f067a-53a9-11ec-bbc6-c72584b4fbb3
last-modified: Wed, 29 Sep 2021 04:47:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb1adbc968fd-FRA
expires: Tue, 21 Dec 2021 15:19:11 GMT

GET
H2 200 getForm Show response
www2.fireeye.com/index.php/form/ 22 KB
5 KB 57ms
56ms Script
application/javascript 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.fireeye.com/index.php/form/getForm?munchkinId=848-DID-242&form=9210&url=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version&callback=jQuery1124010103552841902763_1638890351283&_=1638890351284
Requested by: Host: www2.fireeye.com
URL: https://www2.fireeye.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 028b96f2b8cc2941c1c0019dddd2b032245d901c3b2bbb745b87d7f66cb5f92e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6b9ebb1b18c22b16-FRA
cached: true

GET
H/1.1 204
No Content / Show response
vff4596.d41.co/sync/ 0
816 B 420ms
100ms Script
text/plain 3.224.194.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://vff4596.d41.co/sync/

Requested by

Host: cdn-0.d41.co
URL: https://cdn-0.d41.co/tags/ff-2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.194.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-194-123.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 15:19:12 GMT
Referrer-Policy: no-referrer-when-downgrade
Expect-CT: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Access-Control-Allow-Origin: https://www.mandiant.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK dnb_coretag_v4.min.js Show response
cdn-0.d41.co/tags/ 74 KB
75 KB 38ms
37ms Script
application/javascript 13.225.87.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.d41.co/tags/dnb_coretag_v4.min.js
Requested by: Host: cdn-0.d41.co
URL: https://cdn-0.d41.co/tags/ff-2.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-38.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52c766d175703482411d165b1339220aac1167e3315b792928eb51de6d6b3183

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:15:46 GMT
Via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
Last-Modified: Thu, 18 Nov 2021 14:57:32 GMT
Server: AmazonS3
Age: 432
ETag: "c5b0d60b7c887bcae6d8897835a15d14"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 76079
X-Amz-Cf-Id: 84LHovrvtJqFAEZB9-hOhnjFaYBNUKvjojmbN0tmDJDqViWkwKuLiQ==

GET
H2 200 Plus%20Iconicon-onlight-understandrecentactor.png
www.mandiant.com/sites/default/files/inline-images/ 1 KB
1 KB 28ms
28ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/inline-images/Plus%20Iconicon-onlight-understandrecentactor.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8d3f401175e39c476c08dd68216c445af259f6a4cf8ac93ba2e57801cd124a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 413747
x-cache: HIT
x-cache-hits: 26
x-ah-environment: prod
content-length: 1099
x-request-id: v-65305e96-53a7-11ec-8c84-87260db6d08b
last-modified: Mon, 27 Sep 2021 18:17:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb1b7d8f68fd-FRA
expires: Tue, 21 Dec 2021 15:19:11 GMT

GET
H2 200 Plus%20Iconicon-onlight-proactivelyhuntthreatactors.png
www.mandiant.com/sites/default/files/inline-images/ 2 KB
2 KB 33ms
32ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/inline-images/Plus%20Iconicon-onlight-proactivelyhuntthreatactors.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fae616af15fbd4cbf9bcaf860d1a1412b112cc2e3939c8d7e15a2bdb6299f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 413747
x-cache: HIT
x-cache-hits: 26
x-ah-environment: prod
content-length: 1709
x-request-id: v-6530720a-53a7-11ec-ab21-cfde378699c1
last-modified: Mon, 27 Sep 2021 18:23:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb1b7d9c68fd-FRA
expires: Tue, 21 Dec 2021 15:19:11 GMT

GET
H2 200 Plus%20Iconicon-onlight-accelerateyourthreat.png
www.mandiant.com/sites/default/files/inline-images/ 1 KB
2 KB 50ms
49ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/inline-images/Plus%20Iconicon-onlight-accelerateyourthreat.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71b5da7d2b1187bcf2851c55bee08715f7b5896352b3fa404673a1317540a44a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 413747
x-cache: HIT
x-cache-hits: 26
x-ah-environment: prod
content-length: 1513
x-request-id: v-652ffd20-53a7-11ec-ac30-3b604f5f3431
last-modified: Mon, 27 Sep 2021 18:28:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb1b7d9e68fd-FRA
expires: Tue, 21 Dec 2021 15:19:11 GMT

GET
H2 200 Plus%20Iconicon-onlight-accessthreatintelligence.png
www.mandiant.com/sites/default/files/inline-images/ 2 KB
2 KB 33ms
32ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/inline-images/Plus%20Iconicon-onlight-accessthreatintelligence.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfb5086403ba1c7a9d2f2decb862c8696e41f40da890dd199cb9115b27f86ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 413747
x-cache: HIT
x-cache-hits: 26
x-ah-environment: prod
content-length: 2030
x-request-id: v-65303894-53a7-11ec-a385-fbfa4fe7bcfc
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb1b7da168fd-FRA
expires: Tue, 21 Dec 2021 15:19:11 GMT

GET
H2 200 v4.js Show response
play.vidyard.com/embed/ 71 KB
23 KB 6ms
6ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/embed/v4.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a29e92b61e28d33c457c5f690d3df6f5f7de9d40e2475eccd2e20ea9b35447d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
content-encoding: gzip
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
age: 7976
x-cache: HIT
x-cache-hits: 8
content-length: 23117
x-served-by: cache-fra19162-FRA
x-china: 0
last-modified: Thu, 07 Oct 2021 20:52:13 GMT
etag: "bdf2778beb70cd0653688fd53c09f6e5"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Barlow-Bold.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 56 KB
56 KB 31ms
30ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Bold.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ec192b1be13b5eb7d11e7c8a0f1466ef236e4ba88182bb4cec76a2c7919464e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 415301
x-cache: HIT
x-cache-hits: 20
x-ah-environment: prod
content-length: 57572
x-request-id: v-d5e36da2-53a9-11ec-9860-3f17c6936d5b
last-modified: Thu, 26 Aug 2021 20:19:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb1b8db868fd-FRA
expires: Tue, 21 Dec 2021 15:19:11 GMT

GET
H2 200 Barlow-Medium.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 55 KB
55 KB 38ms
38ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Medium.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe3bfdac05de97234a1a81c7f09c87f14708cf7bd9a341a63e68613c3c6e40d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 415236
x-cache: HIT
x-cache-hits: 30
x-ah-environment: prod
content-length: 55968
x-request-id: v-d5e3fe66-53a9-11ec-9bb4-8774003a601b
last-modified: Thu, 26 Aug 2021 20:19:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb1b8dbd68fd-FRA
expires: Tue, 21 Dec 2021 15:19:11 GMT

GET
H2 200 Barlow-MediumItalic.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 59 KB
59 KB 32ms
31ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-MediumItalic.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34e89fde702aa592d82afbb8d98034150cb3a2e6bd67a922af1edd106cf87fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 415236
x-cache: HIT
x-cache-hits: 26
x-ah-environment: prod
content-length: 60612
x-request-id: v-d5e4da98-53a9-11ec-86b5-03fa5ba1addd
last-modified: Thu, 26 Aug 2021 20:19:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb1b8dd068fd-FRA
expires: Tue, 21 Dec 2021 15:19:11 GMT

GET
H2 200 Barlow-SemiBold.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 56 KB
57 KB 33ms
33ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-SemiBold.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bb508d41bf1d0c5d56340c7df789b6589350a5f967e1fa937bee5c148d0cb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 415236
x-cache: HIT
x-cache-hits: 27
x-ah-environment: prod
content-length: 57764
x-request-id: v-d5e1844c-53a9-11ec-b95d-3f047695c743
last-modified: Thu, 26 Aug 2021 20:19:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb1b9de268fd-FRA
expires: Tue, 21 Dec 2021 15:19:11 GMT

GET
H2 200 974.bundle.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 7 KB
3 KB 25ms
24ms Script
application/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/974.bundle.js?36372e

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_DJqz5xCfQu-Yr7rUOOxgJ47K_FcWItixkKNccz28wPY.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07ed649e749e9698e805596809e2ede372229183ddb6b38fc96f696cff02f085

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 415399
x-cache: HIT
x-cache-hits: 1
x-ah-environment: prod
content-length: 2308
x-request-id: v-d529b902-53a9-11ec-96d3-6bbc8c67b6a5
last-modified: Sat, 25 Sep 2021 04:35:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb1c782f68fd-FRA
expires: Tue, 21 Dec 2021 15:19:12 GMT

GET
H2 200 404.bundle.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 406 B
384 B 32ms
32ms Script
application/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/404.bundle.js?2c5f80

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_DJqz5xCfQu-Yr7rUOOxgJ47K_FcWItixkKNccz28wPY.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2cb383a30bee467e40ecebb49e4229b1b57efcc2c7632c921cd170a75c74d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 415399
x-cache: HIT
x-cache-hits: 1
x-ah-environment: prod
content-length: 263
x-request-id: v-d529fc8c-53a9-11ec-bd1a-0329b4f52dc8
last-modified: Wed, 08 Sep 2021 22:42:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb1c783168fd-FRA
expires: Tue, 21 Dec 2021 15:19:12 GMT

GET
H2 200 27.bundle.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 503 B
562 B 29ms
29ms Script
application/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/27.bundle.js?998f5e

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_DJqz5xCfQu-Yr7rUOOxgJ47K_FcWItixkKNccz28wPY.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7582f1ce2b50afe0c64f6da84ed7104462c073ef5d4d8054b1cc7cecf6da0f49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 415399
x-cache: HIT
x-cache-hits: 1
x-ah-environment: prod
content-length: 332
x-request-id: v-d52a2716-53a9-11ec-82bc-0bad1bc0ba94
last-modified: Wed, 08 Sep 2021 22:42:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6b9ebb1c783568fd-FRA
expires: Tue, 21 Dec 2021 15:19:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 329 KB
88 KB 42ms
20ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/google_tag/google_tag_manager/google_tag.script.js?r3p9at

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

220d5ce30e3fafb20d9a5170cd96a9e6a5f5278042230aedbda8151e6ae4d21c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89624
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Dec 2021 15:19:12 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ 347 KB
136 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mandiant.com/
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 14:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 07 Dec 2022 14:33:59 GMT

GET
H2 200 sm.23.html Show response
static.addtoany.com/menu/ Frame CEBB 741 B
577 B 22ms
21ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.23.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
content-type: text/html; charset=utf-8
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
last-modified: Wed, 22 Sep 2021 23:42:51 GMT
etag: W/"2e5-5cc9e128a4c38"
cache-control: max-age=315360000, immutable
vary: Accept-Encoding
via: e2s
cf-cache-status: HIT
age: 1689002
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6b9ebb1cce345c80-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/v2/notice/eb5srz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e6ca8458e665dbb0c6ef4974ee969c1a854bbc5c0f2a66edeebf68b806f3a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 13:42:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Dec 2021 15:19:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Dec 2021 15:19:12 GMT

GET
H2 200 ic-error.svg
consent.trustarc.com/v2/asset/ 5 KB
1 KB 12ms
11ms Image
image/svg+xml 143.204.98.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/v2/asset/ic-error.svg
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-28.fra50.r.cloudfront.net
Software: openresty/1.15.8.2 /
Resource Hash: 5ea56ed1ed92d89dd6e8a23316891c8af7cd2150977d2e8431bd0e97c0cf5282

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 07 Dec 2021 14:53:42 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2019 06:14:12 GMT
server: openresty/1.15.8.2
age: 2187
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: gw2xbiW6xSETElKcuUrqd7HiBm-zvdYWusChWouUS9eFKIxbyhYcSg==
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)

GET
H2 200 ic-close-white.svg
consent.trustarc.com/v2/asset/ 7 KB
2 KB 12ms
11ms Image
image/svg+xml 143.204.98.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/v2/asset/ic-close-white.svg
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-28.fra50.r.cloudfront.net
Software: openresty/1.15.8.2 /
Resource Hash: da0d9dec187414eaac184877e362bfd09ac956b2ab490b6adbb525af80fb3d6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 07 Dec 2021 14:53:42 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2019 06:14:09 GMT
server: openresty/1.15.8.2
age: 2008
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: BwU4RrXBQtU-eROPNzPw4XkRcU4MtUTHSnmbQTNCSwfsS4FAMZlE6Q==
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)

GET
H2 200 ic-close.svg
consent.trustarc.com/v2/asset/ 6 KB
1 KB 12ms
12ms Image
image/svg+xml 143.204.98.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/v2/asset/ic-close.svg
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-28.fra50.r.cloudfront.net
Software: openresty/1.15.8.2 /
Resource Hash: 78060c93ee6a407478d39e1e16807b576ea320f5641a34d5f043c7de399a418e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 07 Dec 2021 14:53:42 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2019 06:14:11 GMT
server: openresty/1.15.8.2
age: 1760
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: sWuHP3FDVlihsN-Egh5Tf5d8KrBzwRmUBDbZUcURJPs9xn3a_JF35g==
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)

GET
H2 200 trustarc-logo-xs.svg
consent.trustarc.com/v2/asset/ 3 KB
2 KB 12ms
12ms Image
image/svg+xml 143.204.98.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/v2/asset/trustarc-logo-xs.svg
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-28.fra50.r.cloudfront.net
Software: openresty/1.15.8.2 /
Resource Hash: fad03d5343f00671f67d8e92a6c1e243f4b45e4f7a09d11c6d170665ae52d03e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Tue, 07 Dec 2021 14:53:42 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 02:29:33 GMT
server: openresty/1.15.8.2
age: 3685
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: XtX2xQIU2XOFaP41dLjb958OenhcugJ_JSqeFonwd1dsBRXA09VUyg==
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)

GET
H2 200 forms2.css
www2.fireeye.com/js/forms2/css/ 13 KB
3 KB 42ms
41ms Stylesheet
text/css 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.fireeye.com/js/forms2/css/forms2.css

Requested by

Host: www2.fireeye.com
URL: https://www2.fireeye.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3479
content-length: 2623
last-modified: Tue, 12 Oct 2021 18:01:53 GMT
server: cloudflare
etag: "4a0834-3437-5ce2ba3f1c640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6b9ebb1cebf92b16-FRA
expires: Tue, 07 Dec 2021 19:19:12 GMT

GET
H2 200 forms2-theme-simple.css
www2.fireeye.com/js/forms2/css/ 826 B
389 B 27ms
27ms Stylesheet
text/css 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.fireeye.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: www2.fireeye.com
URL: https://www2.fireeye.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3479
content-length: 242
last-modified: Tue, 12 Oct 2021 18:01:53 GMT
server: cloudflare
etag: "4a083a-33a-5ce2ba3f1c640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6b9ebb1cebfa2b16-FRA
expires: Tue, 07 Dec 2021 19:19:12 GMT

GET
H2 200 ZSM2yap3Uzhft78LqAuyMc
play.vidyard.com/ 0
2 KB 21ms
7ms Other
text/html 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.mandiant.com/
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
content-encoding: gzip
age: 308
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 1462
x-served-by: cache-fra19153-FRA
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1638890352.189987,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"dd6-wHgvCe7wc52vl54RFeKnPf0Zckc"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/html; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 YaoW27YBWgnoJKYpQL7Ufx
play.vidyard.com/ 0
1 KB 21ms
7ms Other
text/html 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.mandiant.com/
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
content-encoding: gzip
age: 308
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 1462
x-served-by: cache-fra19153-FRA
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1638890352.190148,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"dd6-wHgvCe7wc52vl54RFeKnPf0Zckc"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/html; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 13 KB
13 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 11:22:37 GMT
x-content-type-options: nosniff
age: 532595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13080
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 11:22:37 GMT

GET
H2 200 XDFrame Show response
www2.fireeye.com/index.php/form/ Frame 3D0D 2 KB
861 B 186ms
186ms Document
text/html 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.fireeye.com/index.php/form/XDFrame

Requested by

Host: www2.fireeye.com
URL: https://www2.fireeye.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ecd284b8811543e88f4c470ba7b3fe3f4b7a458c512bb92ab41d2b491aee6ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=3600
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b9ebb1dfe1b2b16-FRA
content-encoding: gzip

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
60 KB 30ms
15ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

52fa9fdb778b6ce9bd46d3f5a1f9fb9cbe02fca84b0f2f17f9c0653d66418435

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61887
x-xss-protection: 0
expires: Tue, 07 Dec 2021 15:19:12 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 38ms
5ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100113-IAD, cache-fra19172-FRA

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 39ms
12ms Script
application/x-javascript 2a02:26f0:6c00::210:ba08
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:19:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=42468
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 23ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: mG+loppYpD1pckmzakRWFMSMmwXJ4gGOgaEc8d+z4sEoUkWxfmJQdFGGH8/3jKB8xIp8Mo7n0kSWkAdRtuo84A==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 07 Dec 2021 15:19:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 50ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:11 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 491CD5BBA86E4D84BA21FADE8A642785 Ref B: FRAEDGE1221 Ref C: 2021-12-07T15:19:12Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 26ms
21ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10870294

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c71a15e3da3374ea8c01311cb4f75b7d764949ad17e78be797b17e4038262c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36009
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Dec 2021 15:19:12 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 22ms
7ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: pages.fireeye.com
URL: https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAGBNGw-WX7ywlYM_JT-xm0RZL9hn-BpK0KF6pEo4T4WKUxbXg0LYo-tJPsCkRTDdHK3u24Fyj0=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:19:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 27 KB
9 KB 25ms
8ms Script
application/javascript 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: pages.fireeye.com
URL: https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAGBNGw-WX7ywlYM_JT-xm0RZL9hn-BpK0KF6pEo4T4WKUxbXg0LYo-tJPsCkRTDdHK3u24Fyj0=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

2707e48726a3f7ec48a1d1aec9738f20b36bac1535cfa9de2e4d92310c4e7e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:19:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 8575
Pragma: no-cache
Last-Modified: Thu, 07 Oct 2021 17:17:43 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615f2bb7-6a5f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: private, no-cache, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Tue, 07 Dec 2021 15:19:12 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/XYDVFr8wlkTfdZhRFaaBO5Y8ZK1viC5D/ 89 KB
24 KB 33ms
13ms Script
text/javascript 13.224.197.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/XYDVFr8wlkTfdZhRFaaBO5Y8ZK1viC5D/analytics.min.js
Requested by: Host: pages.fireeye.com
URL: https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAGBNGw-WX7ywlYM_JT-xm0RZL9hn-BpK0KF6pEo4T4WKUxbXg0LYo-tJPsCkRTDdHK3u24Fyj0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e7d5375c5c42c888e2166d20b83b4e50a5324c03572ff52d27e6e8da11988822

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: _rgfM5NAwYGxFXAysxV4lsL7V7DMFyhD
content-encoding: br
etag: W/"41eaf99027b7b29e63db884bc61a53e8"
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 19 Nov 2021 03:01:59 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 15:19:12 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-id: izV6galF1cWUg9l-7lV5c0NAMenwB2MCc2Jx8tSk56fJab5VT1MUbQ==

GET
H2 200 41dad6d0.min.js Show response
tag.demandbase.com/ 58 KB
16 KB 43ms
8ms Script
application/javascript 13.224.189.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.demandbase.com/41dad6d0.min.js
Requested by: Host: pages.fireeye.com
URL: https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAGBNGw-WX7ywlYM_JT-xm0RZL9hn-BpK0KF6pEo4T4WKUxbXg0LYo-tJPsCkRTDdHK3u24Fyj0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-27.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ba17fa97dfcf22b549ac3362f681c82a8c654a5a9a63f8e4a6a071c8f049c17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: rpFyfLwiczshLWFNIjONrYD9WBIwMbpV
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 23:32:23 GMT
server: AmazonS3
age: 1102
etag: W/"82ec0243a7aeb004541846030cd1d2af"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
date: Tue, 07 Dec 2021 15:00:51 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: nI32t5gt77gRfmfPPomNpyLtKKO5dQWVe1eS6K9EGfNQUTkcGXKogw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11363283

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

61a8ec834876822a2f8b652ce8616e09a8cc96d8c34b7f5ca1fb34fa06b0a03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36009
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Dec 2021 15:19:12 GMT

GET
H/1.1 200
OK api Show response
vff4596.d41.co/ 95 B
945 B 111ms
111ms Fetch
application/json 3.224.194.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://vff4596.d41.co/api?req=vff4596&form=json

Requested by

Host: cdn-0.d41.co
URL: https://cdn-0.d41.co/tags/dnb_coretag_v4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.194.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-194-123.compute-1.amazonaws.com

Software

Resource Hash

be216714668eddc238963c4d3a7766c9eedc61483913a0dd4d9406d659c47f5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 15:19:12 GMT
Referrer-Policy: no-referrer-when-downgrade
Expect-CT: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: application/json
Access-Control-Allow-Origin: https://www.mandiant.com
Cache-control: no-store
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 95
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/161/ 11 KB
5 KB 8ms
7ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/161/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:19:12 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 00:38:21 GMT
Server: AkamaiNetStorage
ETag: "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4681
Expires: Thu, 17 Mar 2022 15:19:12 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: AjXZiJFgkAQ5fWKc7mfCtBUOM53H+rAClWUsTjbRBWKDweAdJx4WNq4qscim4NJr3rPcOnLxH+EDUTYLfoeL5Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 07 Dec 2021 15:19:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 880805232811859 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 22ms
13ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/880805232811859?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a8ebbe9b4f71b7b2483fff568469c24b7e5443623d6704f7cb7d8e30804f397f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88938
x-xss-protection: 0
pragma: public
x-fb-debug: PFWax84DwyEaVfLhJYmlsyTT/quCvKz+pkZURIxxHSX3xuuCbgmwxx6MPNhnHkKIgAsB+jYQ8W46P5jPd7kyqw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 07 Dec 2021 15:19:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
690 B 42ms
13ms XHR
application/json 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 15:19:12 GMT
X-Proxy-Origin: 91.199.118.72; 91.199.118.72; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 95525303-fabc-4410-9a70-bdfabd0dd5f7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.mandiant.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
372 B 23ms
6ms XHR
text/plain 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-233-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0b0ecf142eb5ef4d200997425c9131b8505bce076ffd309923eee8f6a58e1f38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:19:12 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.mandiant.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1638890351848&url=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3460746%26time%3D1638890351848%26url%3Dhttps%253A%252F%252Fwww.mandiant.com%252Fa...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1638890351848&url=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1638890351848&url=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNG...

0
155 B

325ms
136ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1638890351848&url=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c&liSync=true&e_ipv6=AQIveprJwsimsAAAAX2VejI1iMlYgNULvdpReAJpPRC-y2v_3XZDx-bY4B1JN78OsWy06zM
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: gQzD4heCvhYwKvRuRisAAA==

Redirect headers

date: Tue, 07 Dec 2021 15:19:13 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3460746&time=1638890351848&url=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c&liSync=true&e_ipv6=AQIveprJwsimsAAAAX2VejI1iMlYgNULvdpReAJpPRC-y2v_3XZDx-bY4B1JN78OsWy06zM
x-li-proto: http/2
x-li-pop: prod-ltx1
content-length: 0
x-li-uuid: 35JVzxeCvhZQmY/e1SoAAA==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11363283&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae9b6992120a7f1ba2d3ada838be76d4a630980938865d09a19410a891f19d25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36020
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Dec 2021 15:19:12 GMT

POST
H/1.1 200
OK visitWebPage
177-vpk-082.mktoresp.com/webevents/ 2 B
311 B 652ms
164ms Ping
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://177-vpk-082.mktoresp.com/webevents/visitWebPage?_mchNc=1638890351861&_mchCn=&_mchId=177-VPK-082&_mchTk=_mch-mandiant.com-1638890351860-31683&mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c&_mchHo=www.mandiant.com&_mchPo=&_mchRu=%2Fadvantage%2Fthreat-intelligence%2Ffree-version&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Fpages.fireeye.com%2F&_mchQp=mkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.mandiant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 07 Dec 2021 15:19:13 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 6687a681-53f8-4923-b810-6df153131eff

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
673 B 141ms
125ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o5b0k&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=f61491e4-e157-41f9-9025-38bc1995842b&tw_document_href=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 119
pragma: no-cache
last-modified: Tue, 07 Dec 2021 15:19:12 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 805113484ea7f33c6789408104912310161663828e34d12e538aa14f55047663
x-transaction: 493ce42af2f8e9a1
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
470 B 130ms
115ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o5b0k&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=f61491e4-e157-41f9-9025-38bc1995842b&tw_document_href=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 108
pragma: no-cache
last-modified: Tue, 07 Dec 2021 15:19:12 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 7e3b229a6bf8761b2ed5bb0afacf60e0d9a10c40bf0e5b39585ce603ff2c9c66
x-transaction: 95e7d656d3b35e4a
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 1 KB
748 B 30ms
13ms XHR
application/json 3.120.81.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.81.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-81-78.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cb66289410723096af337ffed50fb8b9054b84dfd4e3950f6fcada726ed7dedf

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://www.mandiant.com/
Accept-Language: de-DE,de;q=0.9
Authorization: Token 325d6d60e24c7cfc3a782839d85ce08c8d3bb27c
EpsilonCookie: 36bb100296380000707baf617301000085917900

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.mandiant.com
access-control-allow-credentials: true
content-length: 562

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 26ms
9ms Preflight 3.120.81.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.81.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-81-78.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,epsiloncookie
Origin: https://www.mandiant.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
server: nginx
access-control-allow-origin: https://www.mandiant.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: OPTIONS,GET
access-control-allow-headers: authorization,epsiloncookie

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 443 B
945 B 72ms
50ms XHR
application/json 13.225.87.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=https%3A%2F%2Fpages.fireeye.com%2F&page=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c&page_title=Cyber%20Threat%20Intelligence%20%7C%20Mandiant%20Threat%20Intelligence%20Free&src=tag&key=8d2742040a7c03554594027a7fa2daa0
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/41dad6d0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-16.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: f83d14dfe076a9b57aef5ed354df427e19bc4695e85a57274eff125dff2442b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
request-id: f168083e-2ac2-4aad-881e-b7ad19005e5c
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://www.mandiant.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4lJkKDGkhrXtwNsTb8rNFfyTBStVvMlBjGyquOx-WsHygTAOCsPvCA==
expires: Mon, 06 Dec 2021 15:19:12 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAETCU7DXvcAACoct4Xh-w
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAETCU7DXvcAACoct4Xh-w&verifyHash=4257105fb93d233c21167a15811d5806050a143c

26 B
408 B

190ms
189ms

Image
image/gif

13.225.87.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAETCU7DXvcAACoct4Xh-w&verifyHash=4257105fb93d233c21167a15811d5806050a143c
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Protocol: HTTP/1.1
Server: 13.225.87.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-31.fra2.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:19:12 GMT
Via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: be42900efb74200d
X-Amz-Cf-Id: _oCtVo7CihWc4Gj5rO4Hp8ayKd6jb2ExIn5B2DR7GsKbLmoQOJyirg==

Redirect headers

Date: Tue, 07 Dec 2021 15:19:12 GMT
Via: 1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAETCU7DXvcAACoct4Xh-w&verifyHash=4257105fb93d233c21167a15811d5806050a143c
Connection: keep-alive
trace-id: 20bc7de8b0c7b29d
Content-Length: 0
X-Amz-Cf-Id: pZQViaO9d6NuXtA7FsAu-n8ITNPQHkq7krD6S8cSUDe7IMMlldd2Tg==

GET
H2 451 464526.gif
id.rlcdn.com/ 0
66 B 32ms
14ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H3 200 v1.js Show response
www.googletagmanager.com/dclk/ns/ 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/dclk/ns/v1.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10870294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03bef1eeac54d221d1da744095e12a9caae78fb47a16f0d9a7598fa83cd79fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 20:23:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1094
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
vary: Accept-Encoding
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 08 Dec 2021 20:23:33 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/XYDVFr8wlkTfdZhRFaaBO5Y8ZK1viC5D/ 583 B
1 KB 28ms
9ms XHR
application/json 13.224.197.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/XYDVFr8wlkTfdZhRFaaBO5Y8ZK1viC5D/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/XYDVFr8wlkTfdZhRFaaBO5Y8ZK1viC5D/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97e7573ee44deaa2a2da4d901e4a40181959517f2cfd036c78e8d8555dea111c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 2VbtNDctMtboUaP_T2JY1.YlHkEJ6FXx
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
etag: "4c464a1f61abed8929723794647e8e04"
age: 7655
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 583
last-modified: Tue, 20 Jul 2021 21:51:47 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 13:24:18 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: lTp7iJJ_L_VEZuBrLC94wDxJuTTazW73rjYsFUBtkoPANCj9TZNIxA==

GET
H2 204 5870833.js Show response
bat.bing.com/p/action/ 0
116 B 31ms
30ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5870833.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 07 Dec 2021 15:19:12 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D31623ECE2CC4C6F951A9DD489C4469E Ref B: FRAEDGE1221 Ref C: 2021-12-07T15:19:12Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
150 B 30ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5870833&tm=gtm002&Ver=2&mid=38a79b58-5839-4c96-8870-57a20b3e102d&sid=08073ac0577111eca639535349608ba7&vid=08072700577111ec81a5299bcd15b330&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Cyber%20Threat%20Intelligence%20%7C%20Mandiant%20Threat%20Intelligence%20Free&p=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c&r=https%3A%2F%2Fpages.fireeye.com%2F&lt=1177&evt=pageLoad&msclkid=N&sv=1&rn=913080
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:19:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6515E90C5CE841E5A27D0D78359588FF Ref B: FRAEDGE1221 Ref C: 2021-12-07T15:19:12Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 196ms
178ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=1322340356018696d853e0ac6f7ce3a2&svisitor=36bb100296380000707baf617301000085917900&session=962138ab-85e5-4b40-8ccd-c9426ba1dc20&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Tue%2C%2007%20Dec%202021%2015%3A19%3A11%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Mandiant%20Threat%20Intelligence%20is%20a%20comprehensive%20SaaS%20platform%20that%20provides%20relevant%20cyber%20threat%20intelligence%20so%20you%20can%20focus%20on%20the%20threats%20that%20matter%20now.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyber%20Threat%20Intelligence%20%7C%20Mandiant%20Threat%20Intelligence%20Free%22%7D&cb=&r=https%3A%2F%2Fpages.fireeye.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c&pageViewId=12fb1022-1fc5-45b4-8f76-9d884410d62f&an_uid=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:19:12 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 23ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=880805232811859&ev=PageView&dl=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c&rl=https%3A%2F%2Fpages.fireeye.com%2F&if=false&ts=1638890351968&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=29&fbp=fb.1.1638890351967.1918737103&it=1638890351821&coo=false&tm=1&exp=p1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 07 Dec 2021 15:19:12 GMT

GET
H2 200 init Show response
ff.d41.co/v1/ 44 B
486 B 310ms
114ms XHR
application/json 3.220.98.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ff.d41.co/v1/init?v=81d1e10e334c40c6ae3549c0ac1dc49f

Requested by

Host: cdn-0.d41.co
URL: https://cdn-0.d41.co/tags/ff-2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.220.98.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-220-98-13.compute-1.amazonaws.com

Software

Resource Hash

6bfe6a2d2c04d3e78dfd1dce0151d9f087ffe169b6b9568d30f45b937e27f6f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:19:12 GMT
x-content-type-options: nosniff
expect-ct: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expires: 0

GET
H2 200 forms2.min.js Show response
www2.fireeye.com/js/forms2/js/ Frame 3D0D 205 KB
68 KB 23ms
23ms Script
application/x-javascript 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.fireeye.com/js/forms2/js/forms2.min.js

Requested by

Host: www2.fireeye.com
URL: https://www2.fireeye.com/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689a0237a95cfd8135f8da3ac79c430e903f3c542f8b862f68141c84c348c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www2.fireeye.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 12 Oct 2021 18:01:53 GMT
server: cloudflare
age: 7038
etag: "4814ec-33210-5ce2ba3f1c640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 6b9ebb1f89102b16-FRA
expires: Tue, 07 Dec 2021 19:19:12 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
143 B 485ms
162ms Fetch
application/json 54.218.116.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/p
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/XYDVFr8wlkTfdZhRFaaBO5Y8ZK1viC5D/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.218.116.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-218-116-118.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.mandiant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mandiant.com
date: Tue, 07 Dec 2021 15:19:12 GMT
content-length: 21
vary: Origin
content-type: application/json

GET anchor
www.google.com/recaptcha/api2/ Frame 4F4D 0
0

GET anchor
www.google.com/recaptcha/api2/ Frame C24E 0
0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 82C7 40 KB
21 KB 40ms
35ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=normal&cb=v35uc6k7yvxs

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js__zWLHjtkO5Qy3Slw8a_dqeWxAexSrVlUa1-AQ6AuCmE.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

af91853553f6166cafa6bc6b7143263897c1123897fae0e73ac16413b7893a1a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6HVyYX4QwNBZmE0voo/Ekg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 Dec 2021 15:19:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-6HVyYX4QwNBZmE0voo/Ekg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21243
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 6A2C 40 KB
21 KB 29ms
25ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=compact&cb=1kqhio3m3z4

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js__zWLHjtkO5Qy3Slw8a_dqeWxAexSrVlUa1-AQ6AuCmE.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2988cbe5b7968963ffc78f3e31cc567e20214ba18aa171bc741d2b934ffd553f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fgDY+3QiRjbEiRGQbW2bew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 Dec 2021 15:19:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-fgDY+3QiRjbEiRGQbW2bew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21129
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 6A2C 51 KB
24 KB 27ms
12ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=compact&cb=1kqhio3m3z4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 14:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 07 Dec 2022 14:34:05 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 6A2C 347 KB
135 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 14:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 07 Dec 2022 14:33:59 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 82C7 51 KB
24 KB 21ms
8ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 14:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 07 Dec 2022 14:34:05 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 82C7 347 KB
135 KB 27ms
15ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 14:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 07 Dec 2022 14:33:59 GMT

GET
DATA 200
OK truncated
/ Frame 82C7 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 82C7 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 82C7 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 07:03:19 GMT
x-content-type-options: nosniff
age: 375353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 10 Dec 2021 07:03:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 82C7 15 KB
15 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:18:05 GMT
x-content-type-options: nosniff
age: 14467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 11:18:05 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 82C7 102 B
134 B 15ms
15ms Other
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=normal&cb=v35uc6k7yvxs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 07 Dec 2021 15:19:13 GMT

GET
H2

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=G111&rnd=1486144230.1638890352&url=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version&gtm=2wgc10T72STLD&auid=13669967...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=1486144230.1638890352&url=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version&gtm=2wgc10T72STLD&...

42 B
804 B

149ms
17ms

Ping
image/gif

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=1486144230.1638890352&url=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version&gtm=2wgc10T72STLD&auid=1366996721.1638890352

Requested by

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:19:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:19:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G111&rnd=1486144230.1638890352&url=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version&gtm=2wgc10T72STLD&auid=1366996721.1638890352
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CMiByqr-0fQCFbcfBgAd9JYCdw;src=11449174;type=adv;cat=mandi0;ord=2410530240769;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage... Show response
11449174.fls.doubleclick.net/ Frame 2B91
Redirect Chain

https://11449174.fls.doubleclick.net/activityi;src=11449174;type=adv;cat=mandi0;ord=2410530240769;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvant...
https://11449174.fls.doubleclick.net/activityi;dc_pre=CMiByqr-0fQCFbcfBgAd9JYCdw;src=11449174;type=adv;cat=mandi0;ord=2410530240769;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https...

683 B
567 B

33ms
19ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11449174.fls.doubleclick.net/activityi;dc_pre=CMiByqr-0fQCFbcfBgAd9JYCdw;src=11449174;type=adv;cat=mandi0;ord=2410530240769;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

15c04c5e94915da36794ad105d12deff3f80f1aa5da08ae7ec39cc16d3756de3

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 Dec 2021 15:19:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 542
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 Dec 2021 15:19:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://11449174.fls.doubleclick.net/activityi;dc_pre=CMiByqr-0fQCFbcfBgAd9JYCdw;src=11449174;type=adv;cat=mandi0;ord=2410530240769;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CM_Byqr-0fQCFcaY1Qoddt0MQQ;src=11449174;type=hmpg;cat=mandi0;ord=957244594245;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage... Show response
11449174.fls.doubleclick.net/ Frame BF90
Redirect Chain

https://11449174.fls.doubleclick.net/activityi;src=11449174;type=hmpg;cat=mandi0;ord=957244594245;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvant...
https://11449174.fls.doubleclick.net/activityi;dc_pre=CM_Byqr-0fQCFcaY1Qoddt0MQQ;src=11449174;type=hmpg;cat=mandi0;ord=957244594245;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https...

594 B
511 B

24ms
24ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11449174.fls.doubleclick.net/activityi;dc_pre=CM_Byqr-0fQCFcaY1Qoddt0MQQ;src=11449174;type=hmpg;cat=mandi0;ord=957244594245;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

dedcacb28bd3eb42228a296b586566a7b68fde7958e254f83f72a79bc8467865

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 Dec 2021 15:19:13 GMT
expires: Tue, 07 Dec 2021 15:19:13 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 486
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 Dec 2021 15:19:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://11449174.fls.doubleclick.net/activityi;dc_pre=CM_Byqr-0fQCFcaY1Qoddt0MQQ;src=11449174;type=hmpg;cat=mandi0;ord=957244594245;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CKfxyqr-0fQCFVKx1QodZm0Jvg;src=11363283;type=invmedia;cat=mandi0;ord=6006218648704;gtm=2odc10;gcs=G111;auiddc=1366996721.1638890352;u1=%5BAudience%5D;ps=1;~oref=https%3A%2F%2Fwww.m... Show response
11363283.fls.doubleclick.net/ Frame A040
Redirect Chain

https://11363283.fls.doubleclick.net/activityi;src=11363283;type=invmedia;cat=mandi0;ord=6006218648704;gtm=2odc10;gcs=G111;auiddc=1366996721.1638890352;u1=%5BAudience%5D;ps=1;~oref=https%3A%2F%2Fww...
https://11363283.fls.doubleclick.net/activityi;dc_pre=CKfxyqr-0fQCFVKx1QodZm0Jvg;src=11363283;type=invmedia;cat=mandi0;ord=6006218648704;gtm=2odc10;gcs=G111;auiddc=1366996721.1638890352;u1=%5BAudie...

617 B
531 B

66ms
65ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11363283.fls.doubleclick.net/activityi;dc_pre=CKfxyqr-0fQCFVKx1QodZm0Jvg;src=11363283;type=invmedia;cat=mandi0;ord=6006218648704;gtm=2odc10;gcs=G111;auiddc=1366996721.1638890352;u1=%5BAudience%5D;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-11363283

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

0250ba90c205a063003c46154d894c8229a97ecfe3919443af9be595c0ad1ccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 Dec 2021 15:19:13 GMT
expires: Tue, 07 Dec 2021 15:19:13 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 506
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 Dec 2021 15:19:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://11363283.fls.doubleclick.net/activityi;dc_pre=CKfxyqr-0fQCFVKx1QodZm0Jvg;src=11363283;type=invmedia;cat=mandi0;ord=6006218648704;gtm=2odc10;gcs=G111;auiddc=1366996721.1638890352;u1=%5BAudience%5D;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 activityi;register_conversion=1;src=11449174;type=adv;cat=mandi0;ord=2410530240769;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-in...
11449174.fls.doubleclick.net/ 0
0 20ms
20ms Image
text/html 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11449174.fls.doubleclick.net/activityi;register_conversion=1;src=11449174;type=adv;cat=mandi0;ord=2410530240769;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c?
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 activityi;register_conversion=1;src=11449174;type=hmpg;cat=mandi0;ord=957244594245;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-in...
11449174.fls.doubleclick.net/ 0
0 23ms
22ms Image
text/html 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11449174.fls.doubleclick.net/activityi;register_conversion=1;src=11449174;type=hmpg;cat=mandi0;ord=957244594245;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c?
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 activityi;register_conversion=1;src=11363283;type=invmedia;cat=mandi0;ord=6006218648704;gtm=2odc10;gcs=G111;auiddc=1366996721.1638890352;u1=%5BAudience%5D;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%...
11363283.fls.doubleclick.net/ 0
0 24ms
23ms Image
text/html 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11363283.fls.doubleclick.net/activityi;register_conversion=1;src=11363283;type=invmedia;cat=mandi0;ord=6006218648704;gtm=2odc10;gcs=G111;auiddc=1366996721.1638890352;u1=%5BAudience%5D;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c?
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 194ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1086
date: Tue, 07 Dec 2021 15:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 07 Dec 2021 17:01:07 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
172 B 195ms
14ms Ping
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-X6642ZTDJ7&gtm=2oec10&_p=215694599&sr=1600x1200&gcs=G111&ul=en-us&cid=1128117256.1638890353&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c&dr=https%3A%2F%2Fpages.fireeye.com%2F&dt=Cyber%20Threat%20Intelligence%20%7C%20Mandiant%20Threat%20Intelligence%20Free&sid=1638890351&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mandiant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:19:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandiant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 6A2C 102 B
134 B 34ms
34ms Other
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=compact&cb=1kqhio3m3z4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 07 Dec 2021 15:19:13 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame F131 7 KB
1 KB 16ms
16ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fa2e16667d8d37a4e77806f3640b528f5e01b086a1300761bace4c3974db383d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SWAVETnhCBqR8VlZKrmhxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 Dec 2021 15:19:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-SWAVETnhCBqR8VlZKrmhxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 5BA0 7 KB
1 KB 17ms
17ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7828ebb92405ca42a56ed0b59a2bc0ebfd6f82051ddae2955ddee148369d35fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1vX5hPlTzqdB15MAMgnP9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 Dec 2021 15:19:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-1vX5hPlTzqdB15MAMgnP9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1111
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CMiByqr-0fQCFbcfBgAd9JYCdw;src=11449174;type=adv;cat=mandi0;ord=2410530240769;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-... Show response
adservice.google.com/ddm/fls/i/ Frame 5769 194 B
627 B 72ms
48ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CMiByqr-0fQCFbcfBgAd9JYCdw;src=11449174;type=adv;cat=mandi0;ord=2410530240769;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c

Requested by

Host: 11449174.fls.doubleclick.net
URL: https://11449174.fls.doubleclick.net/activityi;dc_pre=CMiByqr-0fQCFbcfBgAd9JYCdw;src=11449174;type=adv;cat=mandi0;ord=2410530240769;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://11449174.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 Dec 2021 15:19:13 GMT
expires: Tue, 07 Dec 2021 15:19:13 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
441 B 43ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-203244293-1&cid=1128117256.1638890353&jid=1228227275&gjid=1248465119&_gid=1621258371.1638890353&_u=YDDAgEABAAAAAE~&z=707054675

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 07 Dec 2021 15:19:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.mandiant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
7ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=215694599&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c&dr=https%3A%2F%2Fpages.fireeye.com%2F&ul=en-us&de=UTF-8&dt=Cyber%20Threat%20Intelligence%20%7C%20Mandiant%20Threat%20Intelligence%20Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YDDAgEAB~&jid=1228227275&gjid=1248465119&cid=1128117256.1638890353&tid=UA-203244293-1&_gid=1621258371.1638890353&gtm=2wgc10T72STLD&cg1=null&cg2=advantage&cd2=Pageview&cd3=1638890351782.kywq9hi7&cd4=2021-12-07T15%3A19%3A11.782%2B00%3A00&cd5=https%3A%2F%2Fpages.fireeye.com%2F&cd15=null&cd16=null&gcs=G111&cd1=1128117256.1638890353&z=771242423

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 19:55:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69826
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
6ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=215694599&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c&dr=https%3A%2F%2Fpages.fireeye.com%2F&ul=en-us&de=UTF-8&dt=Cyber%20Threat%20Intelligence%20%7C%20Mandiant%20Threat%20Intelligence%20Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6sense&ea=company%20details%20sent&el=%2Fadvantage%2Fthreat-intelligence%2Ffree-version&_u=YDDAgEABAAAAAE~&jid=&gjid=&cid=1128117256.1638890353&tid=UA-203244293-1&_gid=1621258371.1638890353&gtm=2wgc10T72STLD&cg1=null&cg2=advantage&cd2=Event&cd3=1638890351948.j9ivpoa&cd4=2021-12-07T15%3A19%3A11.948%2B00%3A00&cd5=https%3A%2F%2Fpages.fireeye.com%2F&cd6=9210&cd8=Telecommunications&cd9=Ericsson&cd10=Germany&cd11=Western%20Europe&cd12=ericsson.com&cd15=null&cd16=null&gcs=G111&cd1=1128117256.1638890353&z=1707758283

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 19:55:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69826
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 30ms
30ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-203244293-1&cid=1128117256.1638890353&jid=1228227275&_u=YDDAgEABAAAAAE~&z=1717497355

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:19:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame F131 51 KB
24 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 14:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 07 Dec 2022 14:34:05 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame F131 347 KB
135 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 14:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 07 Dec 2022 14:33:59 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 5BA0 51 KB
24 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 14:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 07 Dec 2022 14:34:05 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 5BA0 347 KB
135 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 14:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 07 Dec 2022 14:33:59 GMT

GET
H3 200 dc_pre=CM_Byqr-0fQCFcaY1Qoddt0MQQ;src=11449174;type=hmpg;cat=mandi0;ord=957244594245;gtm=2wgc10;gcs=G111;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-...
adservice.google.com/ddm/fls/z/ Frame BF90 42 B
63 B 59ms
44ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CM_Byqr-0fQCFcaY1Qoddt0MQQ;src=11449174;type=hmpg;cat=mandi0;ord=957244594245;gtm=2wgc10;gcs=G111;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c

Requested by

Host: 11449174.fls.doubleclick.net
URL: https://11449174.fls.doubleclick.net/activityi;dc_pre=CM_Byqr-0fQCFcaY1Qoddt0MQQ;src=11449174;type=hmpg;cat=mandi0;ord=957244594245;gtm=2wgc10;gcs=G111;auiddc=1366996721.1638890352;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://11449174.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:19:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 181ms
181ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=1322340356018696d853e0ac6f7ce3a2&svisitor=36bb100296380000707baf617301000085917900&session=962138ab-85e5-4b40-8ccd-c9426ba1dc20&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2007%20Dec%202021%2015%3A19%3A12%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2007%20Dec%202021%2015%3A19%3A11%20GMT%22%2C%22timeSpent%22%3A%221019%22%2C%22totalTimeSpent%22%3A%221019%22%7D&isIframe=false&m=%7B%22description%22%3A%22Mandiant%20Threat%20Intelligence%20is%20a%20comprehensive%20SaaS%20platform%20that%20provides%20relevant%20cyber%20threat%20intelligence%20so%20you%20can%20focus%20on%20the%20threats%20that%20matter%20now.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyber%20Threat%20Intelligence%20%7C%20Mandiant%20Threat%20Intelligence%20Free%22%7D&cb=&r=https%3A%2F%2Fpages.fireeye.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c&pageViewId=12fb1022-1fc5-45b4-8f76-9d884410d62f&an_uid=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:19:13 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 05 Jun 2021 07:56:05 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60bb2e15-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H3 200 dc_pre=CKfxyqr-0fQCFVKx1QodZm0Jvg;src=11363283;type=invmedia;cat=mandi0;ord=6006218648704;gtm=2odc10;gcs=G111;auiddc=*;u1=%5BAudience%5D;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthre...
adservice.google.com/ddm/fls/z/ Frame A040 42 B
63 B 55ms
43ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKfxyqr-0fQCFVKx1QodZm0Jvg;src=11363283;type=invmedia;cat=mandi0;ord=6006218648704;gtm=2odc10;gcs=G111;auiddc=*;u1=%5BAudience%5D;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c

Requested by

Host: 11363283.fls.doubleclick.net
URL: https://11363283.fls.doubleclick.net/activityi;dc_pre=CKfxyqr-0fQCFVKx1QodZm0Jvg;src=11363283;type=invmedia;cat=mandi0;ord=6006218648704;gtm=2odc10;gcs=G111;auiddc=1366996721.1638890352;u1=%5BAudience%5D;ps=1;~oref=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://11363283.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:19:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-1212.min.js Show response
js-agent.newrelic.com/ 34 KB
13 KB 28ms
6ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1212.min.js
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: S6r4yaeB6jo_ZylmZ_5cM21n7ZH1t6gc
content-encoding: gzip
etag: "9dfe540eb31e6fc0e0dddd91e3511f68"
x-amz-request-id: YXKSRKQXSAVQSE4H
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12828
x-amz-id-2: O4JKwZC9VFoJXBRd/NFCO0gPTS39j/XLNaWXaKgHazkl5CgZvT66crlfLN37ZUtrHbYn5R9QuA4=
x-served-by: cache-fra19140-FRA
last-modified: Thu, 04 Nov 2021 21:16:16 GMT
server: AmazonS3
x-timer: S1638890354.626376,VS0,VE0
date: Tue, 07 Dec 2021 15:19:13 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 10338

GET
H2 200 ZSM2yap3Uzhft78LqAuyMc Show response
play.vidyard.com/ Frame DC6E 3 KB
2 KB 7ms
7ms Document
text/html 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c26f369723641f427bab98b5bc443dc53d673e944d66262d4e7ec1412f479b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c

Response headers

content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-frame-options: ALLOWALL
cache-control: no-store, no-cache, must-revalidate
etag: W/"dd6-wHgvCe7wc52vl54RFeKnPf0Zckc"
x-china: 0
content-encoding: gzip
accept-ranges: bytes
date: Tue, 07 Dec 2021 15:19:13 GMT
via: 1.1 varnish
age: 310
x-served-by: cache-fra19162-FRA
x-cache: HIT
x-cache-hits: 1
x-timer: S1638890354.608037,VS0,VE1
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 1462

GET
H2 200 style.js Show response
play.vidyard.com/v4/ZSM2yap3Uzhft78LqAuyMc/ 176 B
301 B 8ms
7ms Script
text/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/ZSM2yap3Uzhft78LqAuyMc/style.js?callback=window.VidyardV4.jsonp.style_ZSM2yap3Uzhft78LqAuyMc.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5bb38afdb0c9c4ca64d4a65799e3fffa4e61b7ef89db4446c0d253144e8d97b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324858
x-cache: HIT
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-length: 136
via: 1.1 varnish
x-served-by: cache-fra19162-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1638890354.608171,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"b0-Gim8N4l53SYDTcB6WDl+PFCqSmo"
strict-transport-security: max-age=31557600
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 marketoContact.js Show response
play.vidyard.com/v4/ZSM2yap3Uzhft78LqAuyMc/contact/id%3A177-VPK-082%26token%3A_mch-mandiant.com-1638890351860-31683/ 168 B
352 B 167ms
167ms Script
text/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/ZSM2yap3Uzhft78LqAuyMc/contact/id%3A177-VPK-082%26token%3A_mch-mandiant.com-1638890351860-31683/marketoContact.js?callback=window.VidyardV4.jsonp.marketoContact_ZSM2yap3Uzhft78LqAuyMc.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9eb73fa70ca321417ef27a21ae91254a4ccd3e00e328f0ef6e800389eb631dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
strict-transport-security: max-age=31557600
content-length: 168
x-served-by: cache-fra19162-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1638890354.608620,VS0,VE161
x-frame-options: ALLOWALL
etag: W/"a8-hsvx4iSiMsu7OwWBS/2pdl7RCWM"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 integrations.js Show response
play.vidyard.com/v4/ZSM2yap3Uzhft78LqAuyMc/ 177 B
327 B 7ms
7ms Script
text/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/ZSM2yap3Uzhft78LqAuyMc/integrations.js?callback=window.VidyardV4.jsonp.integrations_ZSM2yap3Uzhft78LqAuyMc.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

45b9e3163d849e17b040b9e163f18d1767078d18bd2a9948a2810ca549bf1a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324858
x-cache: HIT
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-length: 133
via: 1.1 varnish
x-served-by: cache-fra19162-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1638890354.609192,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"b1-ZwtcYibSSbR9QUWoytWyBbzpQd4"
strict-transport-security: max-age=31557600
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 details.js Show response
play.vidyard.com/v4/ZSM2yap3Uzhft78LqAuyMc/ 721 B
614 B 7ms
7ms Script
text/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/ZSM2yap3Uzhft78LqAuyMc/details.js?callback=window.VidyardV4.jsonp.details_ZSM2yap3Uzhft78LqAuyMc.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

be0807b2d562082eaee06985a3d8f1ffa3298e8777e134367cdbe5d75de7742f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35556
x-cache: HIT
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-length: 429
via: 1.1 varnish
x-served-by: cache-fra19162-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1638890354.610230,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"2d1-nSg7xAVYZP+nu12wUdO58R/XHuw"
strict-transport-security: max-age=31557600
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 YaoW27YBWgnoJKYpQL7Ufx Show response
play.vidyard.com/ Frame 45DF 3 KB
1 KB 7ms
6ms Document
text/html 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c26f369723641f427bab98b5bc443dc53d673e944d66262d4e7ec1412f479b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c

Response headers

content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-frame-options: ALLOWALL
cache-control: no-store, no-cache, must-revalidate
etag: W/"dd6-wHgvCe7wc52vl54RFeKnPf0Zckc"
x-china: 0
content-encoding: gzip
accept-ranges: bytes
date: Tue, 07 Dec 2021 15:19:13 GMT
via: 1.1 varnish
age: 310
x-served-by: cache-fra19162-FRA
x-cache: HIT
x-cache-hits: 1
x-timer: S1638890354.612426,VS0,VE1
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 1462

GET
H2 200 style.js Show response
play.vidyard.com/v4/YaoW27YBWgnoJKYpQL7Ufx/ 176 B
231 B 8ms
7ms Script
text/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/YaoW27YBWgnoJKYpQL7Ufx/style.js?callback=window.VidyardV4.jsonp.style_YaoW27YBWgnoJKYpQL7Ufx.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b49156d5e01eb825b83327e4439ca9fc58e441441a1f63e1189c28bfe517ce3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324858
x-cache: HIT
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-length: 136
via: 1.1 varnish
x-served-by: cache-fra19162-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1638890354.612534,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"b0-qMcukjasAKmv05hmINbSOmAcK28"
strict-transport-security: max-age=31557600
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 marketoContact.js Show response
play.vidyard.com/v4/YaoW27YBWgnoJKYpQL7Ufx/contact/id%3A177-VPK-082%26token%3A_mch-mandiant.com-1638890351860-31683/ 168 B
363 B 132ms
131ms Script
text/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/YaoW27YBWgnoJKYpQL7Ufx/contact/id%3A177-VPK-082%26token%3A_mch-mandiant.com-1638890351860-31683/marketoContact.js?callback=window.VidyardV4.jsonp.marketoContact_YaoW27YBWgnoJKYpQL7Ufx.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

05e194a8989345d1dc8f7cb8f4cb18889f85336a758db302c042fd94d7fbf1f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
strict-transport-security: max-age=31557600
content-length: 168
x-served-by: cache-fra19162-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1638890354.612811,VS0,VE125
x-frame-options: ALLOWALL
etag: W/"a8-l+q0DldYjN5ibUm1F7ViWtY9QNA"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 integrations.js Show response
play.vidyard.com/v4/YaoW27YBWgnoJKYpQL7Ufx/ 177 B
229 B 7ms
7ms Script
text/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/YaoW27YBWgnoJKYpQL7Ufx/integrations.js?callback=window.VidyardV4.jsonp.integrations_YaoW27YBWgnoJKYpQL7Ufx.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

125011b4ce1ec07e7cda316c0c68396f03f4929979bcb12442e8b4be311dcda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324858
x-cache: HIT
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-length: 133
via: 1.1 varnish
x-served-by: cache-fra19162-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1638890354.613505,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"b1-JynrKXufvPE52ArHUNOLrh9jx9o"
strict-transport-security: max-age=31557600
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 details.js Show response
play.vidyard.com/v4/YaoW27YBWgnoJKYpQL7Ufx/ 697 B
510 B 7ms
7ms Script
text/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/YaoW27YBWgnoJKYpQL7Ufx/details.js?callback=window.VidyardV4.jsonp.details_YaoW27YBWgnoJKYpQL7Ufx.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5290d74adbcea5559af25b922914cc5ef5f37b721dd91f2bde1a6d61469c892b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35556
x-cache: HIT
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-length: 414
via: 1.1 varnish
x-served-by: cache-fra19162-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1638890354.614020,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"2b9-v9MpaLo29pKIbuvI7KAyYrqWSlQ"
strict-transport-security: max-age=31557600
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 ZSM2yap3Uzhft78LqAuyMc
play.vidyard.com/ 0
1 KB 9ms
7ms Other
text/html 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline&rendered=true

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.mandiant.com/
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: gzip
age: 309
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 1462
x-served-by: cache-fra19153-FRA
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1638890354.622002,VS0,VE0
x-frame-options: ALLOWALL
etag: W/"dd6-wHgvCe7wc52vl54RFeKnPf0Zckc"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/html; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 YaoW27YBWgnoJKYpQL7Ufx
play.vidyard.com/ 0
2 KB 7ms
6ms Other
text/html 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline&rendered=true

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.mandiant.com/
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: gzip
age: 309
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 1462
x-served-by: cache-fra19153-FRA
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1638890354.622101,VS0,VE0
x-frame-options: ALLOWALL
etag: W/"dd6-wHgvCe7wc52vl54RFeKnPf0Zckc"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/html; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 api.js Show response
play.vidyard.com/v0/ 19 KB
7 KB 7ms
7ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v0/api.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6980eadbd6f6d6233ea9b987e9ae462b25726871e9797c51e0d550aef3cc861d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
via: 1.1 varnish
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
age: 1199
x-cache: HIT
content-encoding: gzip
content-length: 7168
x-served-by: cache-fra19162-FRA
x-china: 0
last-modified: Fri, 30 Apr 2021 19:42:10 GMT
x-timer: S1638890354.639851,VS0,VE1
etag: "7b874dd3eb596697c6d49ba7ed6880f8"
strict-transport-security: max-age=31557600
content-type: application/javascript
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 runtime~main-0a7ededc1384e276ee2dc3b19e123757.js Show response
assets.vidyard.com/play/js/ Frame DC6E 7 KB
2 KB 29ms
9ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Requested by: Host: play.vidyard.com
URL: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0dde8a958cbd60287193a1529dbc88467001e648d9fb7943ecd5528515d5d169

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 723
x-cache: HIT
content-length: 2253
via: 1.1 varnish
x-served-by: cache-fra19153-FRA
last-modified: Tue, 07 Dec 2021 15:05:57 GMT
x-timer: S1638890354.667501,VS0,VE0
etag: "c0836e73b29e652b7735eb1b440beef6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 11

GET
H2 200 main-a6875cc9a4bc0c905ad9e719ee986a48.js Show response
assets.vidyard.com/play/js/ Frame DC6E 101 KB
13 KB 29ms
9ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js
Requested by: Host: play.vidyard.com
URL: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a170a845a7a20edcedacef2638fd6e8550c6fc052aad221568c2182a9f3b1d28

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 599126
x-cache: HIT
content-length: 13448
via: 1.1 varnish
x-served-by: cache-fra19153-FRA
last-modified: Tue, 30 Nov 2021 16:52:41 GMT
x-timer: S1638890354.667459,VS0,VE0
etag: "5330e201fbbf207c28cf6c9304098519"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 4610

GET
H2 200 runtime~main-0a7ededc1384e276ee2dc3b19e123757.js Show response
assets.vidyard.com/play/js/ Frame 45DF 7 KB
2 KB 32ms
12ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Requested by: Host: play.vidyard.com
URL: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0dde8a958cbd60287193a1529dbc88467001e648d9fb7943ecd5528515d5d169

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 723
x-cache: HIT
content-length: 2253
via: 1.1 varnish
x-served-by: cache-fra19153-FRA
last-modified: Tue, 07 Dec 2021 15:05:57 GMT
x-timer: S1638890354.667590,VS0,VE0
etag: "c0836e73b29e652b7735eb1b440beef6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 12

GET
H2 200 main-a6875cc9a4bc0c905ad9e719ee986a48.js Show response
assets.vidyard.com/play/js/ Frame 45DF 101 KB
13 KB 25ms
6ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js
Requested by: Host: play.vidyard.com
URL: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a170a845a7a20edcedacef2638fd6e8550c6fc052aad221568c2182a9f3b1d28

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 599126
x-cache: HIT
content-length: 13448
via: 1.1 varnish
x-served-by: cache-fra19153-FRA
last-modified: Tue, 30 Nov 2021 16:52:41 GMT
x-timer: S1638890354.667332,VS0,VE0
etag: "5330e201fbbf207c28cf6c9304098519"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 4609

GET
H/1.1 200
OK NRJS-890ead692fb1e944fb6 Show response
bam.nr-data.net/1/ 57 B
322 B 442ms
110ms Script
text/javascript 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-890ead692fb1e944fb6?a=1404479750&v=1212.e95d35c&to=YlRVYERZV0ZSWhINX1seYkZfF1BbV1weSkBdQQ%3D%3D&rst=2741&ck=1&ref=https://www.mandiant.com/advantage/threat-intelligence/free-version&ap=183&be=754&fe=2691&dc=1162&perf=%7B%22timing%22:%7B%22of%22:1638890350346,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:3,%22c%22:3,%22s%22:8,%22ce%22:24,%22rq%22:24,%22rp%22:705,%22rpe%22:799,%22dl%22:723,%22di%22:1162,%22ds%22:1163,%22de%22:1177,%22dc%22:2690,%22l%22:2691,%22le%22:2708%7D,%22navigation%22:%7B%7D%7D&fp=894&fcp=894&at=ThNWFgxDREg%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1212.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 progress-events.js Show response
play.vidyard.com/v1/ 14 KB
5 KB 7ms
7ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v1/progress-events.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d41161f7d77d059a8d35b55c36d765021a1300521eeffd57097df8df3322a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
via: 1.1 varnish
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
age: 2584
x-cache: HIT
content-encoding: gzip
content-length: 5481
x-served-by: cache-fra19162-FRA
x-china: 0
last-modified: Fri, 30 Apr 2021 19:42:10 GMT
x-timer: S1638890354.665255,VS0,VE1
etag: "5823d0929a8e2e520236508c08ba757c"
strict-transport-security: max-age=31557600
content-type: application/javascript
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 YaoW27YBWgnoJKYpQL7Ufx.json Show response
play.vidyard.com/player/ Frame 45DF 7 KB
3 KB 7ms
7ms Fetch
application/json 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/player/YaoW27YBWgnoJKYpQL7Ufx.json?disable_popouts=1&v=4.2.36&type=inline

Requested by

Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8d1a7d3520fe96ab6563cc556a5f3a04e8faecf56a188357ba587a283d9cdb48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
referrer: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: gzip
age: 35555
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 3010
x-served-by: cache-fra19162-FRA
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1638890354.688579,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"1a25-jm3yUlUO+SdUGSgVIEWi/LXZwds"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: application/json; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2

200

72c7c0397b3d11203ba8a8.jpg
cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/
Redirect Chain

https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx.jpg
https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg

37 KB
38 KB

11ms
11ms

Image
image/jpeg

143.204.98.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg
Protocol: H2
Server: 143.204.98.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 201a094b137fdd3a1ba4188dc6b516deed19d1478e98eafb228fd247629a291b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 19:43:14 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-cdn: cloudfront
age: 70560
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 38093
last-modified: Thu, 12 Aug 2021 21:28:14 GMT
server: AmazonS3
etag: "fac35442dc3f54400feda4067e98bdc9"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: .4W53FlrEOMwGZ_0xSp_2Ygzm.6IzDtB
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: TxuHzZRYE8NYZRJiEsqpIupWMoairEfiyrnUCPxtHuYeBEe9NUOYRw==

Redirect headers

date: Tue, 07 Dec 2021 15:19:13 GMT
via: 1.1 varnish
age: 1232607
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 106
x-served-by: cache-fra19162-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
location: https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg
x-timer: S1638890354.691511,VS0,VE0
x-frame-options: ALLOWALL
vary: Accept, X-ThumbnailAB, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 ZSM2yap3Uzhft78LqAuyMc.json Show response
play.vidyard.com/player/ Frame DC6E 7 KB
3 KB 7ms
7ms Fetch
application/json 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/player/ZSM2yap3Uzhft78LqAuyMc.json?disable_popouts=1&v=4.2.36&type=inline

Requested by

Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1251e82f7c1ccbda6a9c2db4c9cdee12f4ecb01d1f2643fc74e61c2f9e630111

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
referrer: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: gzip
age: 324857
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 3027
x-served-by: cache-fra19162-FRA
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1638890354.694693,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"1a58-gjJf/AV4x9vGub5mRgwBsM99/m8"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: application/json; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2

200

441540270d5448e57af7b1.jpg
cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/
Redirect Chain

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc.jpg
https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg

31 KB
32 KB

10ms
10ms

Image
image/jpeg

143.204.98.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg
Protocol: H2
Server: 143.204.98.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65867ea85abfa1983033b5a41d096b93216909fbb4e1b40ce385f5f59ef9757f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 22:33:18 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-cdn: cloudfront
age: 492356
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31938
last-modified: Tue, 10 Aug 2021 22:02:40 GMT
server: AmazonS3
etag: "09c372482f3c326fb5c1843a299311cb"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: cl5WY7vxSLptLbC0e5yN1hAcwUJIA3i3
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: dVTZBarOm6CECSuR9U8nt18nNrK5aGtGwwutcVhbcrEW4qKa627Seg==

Redirect headers

date: Tue, 07 Dec 2021 15:19:13 GMT
via: 1.1 varnish
age: 530073
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 106
x-served-by: cache-fra19162-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
location: https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg
x-timer: S1638890354.696066,VS0,VE0
x-frame-options: ALLOWALL
vary: Accept, X-ThumbnailAB, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendors~player~player-pomo~unreleased-ecccf76212f4ca42acb46cfb36e666cc.js Show response
assets.vidyard.com/play/js/ Frame 45DF 158 KB
41 KB 7ms
6ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~player~player-pomo~unreleased-ecccf76212f4ca42acb46cfb36e666cc.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0df6dda0ca4d7be90c9b60be736dcacc1deacad453827e7a05ebfb57b1faa097

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 3631721
x-cache: HIT
content-length: 41549
via: 1.1 varnish
x-served-by: cache-fra19153-FRA
last-modified: Tue, 26 Oct 2021 14:29:25 GMT
x-timer: S1638890354.706201,VS0,VE0
etag: "c6d8662df68b4db66335c0ab647b942f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 17085

GET
H2 200 vendors~access-code~player-pomo~whitelisted-embed-e43bf5b845c50ec018b9e43c25b6b99b.js Show response
assets.vidyard.com/play/js/ Frame 45DF 102 KB
29 KB 10ms
10ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~access-code~player-pomo~whitelisted-embed-e43bf5b845c50ec018b9e43c25b6b99b.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b44ce95b6fac6715bf575a155f1c2934d882b69e698efcddfcaa628d49c96f44

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 3631721
x-cache: HIT
content-length: 29228
via: 1.1 varnish
x-served-by: cache-fra19153-FRA
last-modified: Tue, 26 Oct 2021 14:29:25 GMT
x-timer: S1638890354.706381,VS0,VE0
etag: "72c2c0d1544367ee82097199e5530397"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 15731

GET
H2 200 vendors~player-pomo-93befc82d7723f5d5665de2d66c3df17.js Show response
assets.vidyard.com/play/js/ Frame 45DF 613 KB
104 KB 13ms
12ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~player-pomo-93befc82d7723f5d5665de2d66c3df17.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f4a3f225d323ee7fe97da693ef576867cc05e926c1f7aeb2a616f1c642a2756c

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 3631720
x-cache: HIT
content-length: 106429
via: 1.1 varnish
x-served-by: cache-fra19153-FRA
last-modified: Tue, 26 Oct 2021 14:29:25 GMT
x-timer: S1638890354.706458,VS0,VE0
etag: "ff3583515bfe8908a2a24ca2d31eb771"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 15875

GET
H2 200 player-pomo-ee266757d7cf4509f752928005efa6b0.css
assets.vidyard.com/play/stylesheets/ Frame 45DF 37 KB
7 KB 18ms
18ms Stylesheet
text/css 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/stylesheets/player-pomo-ee266757d7cf4509f752928005efa6b0.css
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7699009136d90e3cbfa0701b49d252b52cbd3189eef172fa2d3f690f3b15dc55

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 721
x-cache: HIT
content-length: 7214
via: 1.1 varnish
x-served-by: cache-fra19153-FRA
last-modified: Tue, 07 Dec 2021 15:05:57 GMT
x-timer: S1638890354.707208,VS0,VE0
etag: "2f04b4119c443de15975abfa7a6b652f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 4

GET
H2 200 player-pomo-ee266757d7cf4509f752928005efa6b0.js Show response
assets.vidyard.com/play/js/ Frame 45DF 240 KB
50 KB 19ms
19ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/player-pomo-ee266757d7cf4509f752928005efa6b0.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5c2d9d4dccb590961368eddaf1aa8418859e14b89185683f5e21c7fc236f2f88

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 722
x-cache: HIT
content-length: 50557
via: 1.1 varnish
x-served-by: cache-fra19153-FRA
last-modified: Tue, 07 Dec 2021 15:05:57 GMT
x-timer: S1638890354.707311,VS0,VE0
etag: "f520e390a3c0f1c5190dc4198a01ed57"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 4

GET
H2 200 vendors~player~player-pomo~unreleased-ecccf76212f4ca42acb46cfb36e666cc.js Show response
assets.vidyard.com/play/js/ Frame DC6E 158 KB
41 KB 20ms
19ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~player~player-pomo~unreleased-ecccf76212f4ca42acb46cfb36e666cc.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0df6dda0ca4d7be90c9b60be736dcacc1deacad453827e7a05ebfb57b1faa097

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 3631721
x-cache: HIT
content-length: 41549
via: 1.1 varnish
x-served-by: cache-fra19153-FRA
last-modified: Tue, 26 Oct 2021 14:29:25 GMT
x-timer: S1638890354.708216,VS0,VE0
etag: "c6d8662df68b4db66335c0ab647b942f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 17086

GET
H2 200 vendors~access-code~player-pomo~whitelisted-embed-e43bf5b845c50ec018b9e43c25b6b99b.js Show response
assets.vidyard.com/play/js/ Frame DC6E 102 KB
29 KB 21ms
21ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~access-code~player-pomo~whitelisted-embed-e43bf5b845c50ec018b9e43c25b6b99b.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b44ce95b6fac6715bf575a155f1c2934d882b69e698efcddfcaa628d49c96f44

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 3631721
x-cache: HIT
content-length: 29228
via: 1.1 varnish
x-served-by: cache-fra19153-FRA
last-modified: Tue, 26 Oct 2021 14:29:25 GMT
x-timer: S1638890354.708283,VS0,VE0
etag: "72c2c0d1544367ee82097199e5530397"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 15732

GET
H2 200 vendors~player-pomo-93befc82d7723f5d5665de2d66c3df17.js Show response
assets.vidyard.com/play/js/ Frame DC6E 613 KB
104 KB 24ms
23ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~player-pomo-93befc82d7723f5d5665de2d66c3df17.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f4a3f225d323ee7fe97da693ef576867cc05e926c1f7aeb2a616f1c642a2756c

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 3631720
x-cache: HIT
content-length: 106429
via: 1.1 varnish
x-served-by: cache-fra19153-FRA
last-modified: Tue, 26 Oct 2021 14:29:25 GMT
x-timer: S1638890354.708380,VS0,VE0
etag: "ff3583515bfe8908a2a24ca2d31eb771"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 15876

GET
H2 200 player-pomo-ee266757d7cf4509f752928005efa6b0.css
assets.vidyard.com/play/stylesheets/ Frame DC6E 37 KB
7 KB 26ms
26ms Stylesheet
text/css 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/stylesheets/player-pomo-ee266757d7cf4509f752928005efa6b0.css
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7699009136d90e3cbfa0701b49d252b52cbd3189eef172fa2d3f690f3b15dc55

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 721
x-cache: HIT
content-length: 7214
via: 1.1 varnish
x-served-by: cache-fra19153-FRA
last-modified: Tue, 07 Dec 2021 15:05:57 GMT
x-timer: S1638890354.708760,VS0,VE0
etag: "2f04b4119c443de15975abfa7a6b652f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 5

GET
H2 200 player-pomo-ee266757d7cf4509f752928005efa6b0.js Show response
assets.vidyard.com/play/js/ Frame DC6E 240 KB
50 KB 27ms
26ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/player-pomo-ee266757d7cf4509f752928005efa6b0.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5c2d9d4dccb590961368eddaf1aa8418859e14b89185683f5e21c7fc236f2f88

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 722
x-cache: HIT
content-length: 50557
via: 1.1 varnish
x-served-by: cache-fra19153-FRA
last-modified: Tue, 07 Dec 2021 15:05:57 GMT
x-timer: S1638890354.709148,VS0,VE0
etag: "f520e390a3c0f1c5190dc4198a01ed57"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 5

GET
H2 200 6-241e779290e5feb64c859f7818761e3b.js Show response
assets.vidyard.com/play/js/ Frame 45DF 282 KB
67 KB 7ms
6ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/6-241e779290e5feb64c859f7818761e3b.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a5216d98891ff17eec610106008274e1a0ce9dd6c0487e911b00cd9eea61a723

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 2302162
x-cache: HIT
content-length: 68491
via: 1.1 varnish
x-served-by: cache-fra19153-FRA
last-modified: Tue, 09 Nov 2021 16:42:06 GMT
x-timer: S1638890354.799216,VS0,VE0
etag: "b669dbd384a448684ba8e102ad197084"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 13188

GET
H2 200 35-21e95937aa5ae9450002d53b05474e64.css
assets.vidyard.com/play/stylesheets/ Frame 45DF 181 B
219 B 12ms
12ms Stylesheet
text/css 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/stylesheets/35-21e95937aa5ae9450002d53b05474e64.css
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b6320e221b61f50fdfee02e86288aca6b426795dd014c5add80fcef7632ac6f8

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 721
x-cache: HIT
content-length: 103
via: 1.1 varnish
x-served-by: cache-fra19153-FRA
last-modified: Tue, 07 Dec 2021 15:05:57 GMT
x-timer: S1638890354.799316,VS0,VE0
etag: "5b8ad2d3286aa47c692cbb0bae4d9cc4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 35-21e95937aa5ae9450002d53b05474e64.js Show response
assets.vidyard.com/play/js/ Frame 45DF 13 KB
4 KB 13ms
13ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/35-21e95937aa5ae9450002d53b05474e64.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2a4effdf48ccd47198cfd468497a9c991bbccabefec2748258bb20d15001f46a

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 721
x-cache: HIT
content-length: 3941
via: 1.1 varnish
x-served-by: cache-fra19153-FRA
last-modified: Tue, 07 Dec 2021 15:05:57 GMT
x-timer: S1638890354.799391,VS0,VE0
etag: "478133b3072855da33da145d7873b930"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3

GET
H2

200

72c7c0397b3d11203ba8a8.jpg
cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/ Frame 45DF
Redirect Chain

https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx.jpg
https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg

37 KB
38 KB

16ms
16ms

Image
image/jpeg

143.204.98.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg
Protocol: H2
Server: 143.204.98.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 201a094b137fdd3a1ba4188dc6b516deed19d1478e98eafb228fd247629a291b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 19:43:14 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-cdn: cloudfront
age: 70560
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 38093
last-modified: Thu, 12 Aug 2021 21:28:14 GMT
server: AmazonS3
etag: "fac35442dc3f54400feda4067e98bdc9"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: .4W53FlrEOMwGZ_0xSp_2Ygzm.6IzDtB
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: KcuoiNopCSEGGmO4qKxW6EJ6u8Be3ePMnRmuXti4-LZKXfMcD1U0ag==

Redirect headers

date: Tue, 07 Dec 2021 15:19:13 GMT
via: 1.1 varnish
age: 1232607
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 106
x-served-by: cache-fra19162-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
location: https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg
x-timer: S1638890354.821075,VS0,VE0
x-frame-options: ALLOWALL
vary: Accept, X-ThumbnailAB, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 3

OPTIONS
H2 200 visitors
raw.vidyard.com/v2/ Frame 0
0 330ms
105ms Preflight
text/html 3.89.170.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/visitors
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.170.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-170-15.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://play.vidyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 07 Dec 2021 15:19:14 GMT
content-type: text/html;charset=utf-8
content-length: 0
access-control-max-age: 86400
access-control-allow-origin: https://play.vidyard.com
access-control-allow-methods: POST, PUT
access-control-allow-headers: Content-Type, Accept, Origin
access-control-allow-credentials: true

POST
H2 200 visitors Show response
raw.vidyard.com/v2/ Frame 45DF 50 B
195 B 111ms
111ms XHR
application/json 3.89.170.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/visitors
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.170.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-170-15.compute-1.amazonaws.com
Software: /
Resource Hash: fc4cc61d57f6c967219dc11e5a6454aac30bda88592fd450df8fc9e2f2413b02

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://play.vidyard.com
date: Tue, 07 Dec 2021 15:19:14 GMT
x-vidyard-hostname: 580cf0637b4b
content-length: 50
content-type: application/json; charset=utf-8

GET
H2 200 6-241e779290e5feb64c859f7818761e3b.js Show response
assets.vidyard.com/play/js/ Frame DC6E 282 KB
67 KB 8ms
7ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/6-241e779290e5feb64c859f7818761e3b.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a5216d98891ff17eec610106008274e1a0ce9dd6c0487e911b00cd9eea61a723

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 2302162
x-cache: HIT
content-length: 68491
via: 1.1 varnish
x-served-by: cache-fra19153-FRA
last-modified: Tue, 09 Nov 2021 16:42:06 GMT
x-timer: S1638890354.864558,VS0,VE0
etag: "b669dbd384a448684ba8e102ad197084"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 13189

GET
H2 200 35-21e95937aa5ae9450002d53b05474e64.css
assets.vidyard.com/play/stylesheets/ Frame DC6E 181 B
185 B 6ms
6ms Stylesheet
text/css 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/stylesheets/35-21e95937aa5ae9450002d53b05474e64.css
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b6320e221b61f50fdfee02e86288aca6b426795dd014c5add80fcef7632ac6f8

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 721
x-cache: HIT
content-length: 103
via: 1.1 varnish
x-served-by: cache-fra19153-FRA
last-modified: Tue, 07 Dec 2021 15:05:57 GMT
x-timer: S1638890354.864573,VS0,VE0
etag: "5b8ad2d3286aa47c692cbb0bae4d9cc4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 4

GET
H2 200 35-21e95937aa5ae9450002d53b05474e64.js Show response
assets.vidyard.com/play/js/ Frame DC6E 13 KB
4 KB 7ms
7ms Script
application/javascript 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/35-21e95937aa5ae9450002d53b05474e64.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2a4effdf48ccd47198cfd468497a9c991bbccabefec2748258bb20d15001f46a

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:19:13 GMT
content-encoding: br
vary: Accept-Encoding
age: 721
x-cache: HIT
content-length: 3941
via: 1.1 varnish
x-served-by: cache-fra19153-FRA
last-modified: Tue, 07 Dec 2021 15:05:57 GMT
x-timer: S1638890354.864598,VS0,VE0
etag: "478133b3072855da33da145d7873b930"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 4

GET
H2

200

441540270d5448e57af7b1.jpg
cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/ Frame DC6E
Redirect Chain

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc.jpg
https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg

31 KB
32 KB

10ms
9ms

Image
image/jpeg

143.204.98.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg
Protocol: H2
Server: 143.204.98.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65867ea85abfa1983033b5a41d096b93216909fbb4e1b40ce385f5f59ef9757f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 22:33:18 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-cdn: cloudfront
age: 492356
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31938
last-modified: Tue, 10 Aug 2021 22:02:40 GMT
server: AmazonS3
etag: "09c372482f3c326fb5c1843a299311cb"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: cl5WY7vxSLptLbC0e5yN1hAcwUJIA3i3
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: 2qLAm-m_1sTF9P8siksxNgyd3YKCVxbLyMCSIwUtkPtTSHjgXbLBGA==

Redirect headers

date: Tue, 07 Dec 2021 15:19:13 GMT
via: 1.1 varnish
age: 530073
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 106
x-served-by: cache-fra19162-FRA
x-china: 0
referrer-policy: no-referrer-when-downgrade
location: https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg
x-timer: S1638890354.868806,VS0,VE0
x-frame-options: ALLOWALL
vary: Accept, X-ThumbnailAB, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 stream_master_RtcVrDjfAXmpWl9y5iXGcA.m3u8 Show response
cdn.vidyard.com/hls-videos/YvObiWtYb5w6krHWNJwZJw/ Frame 45DF 665 B
1 KB 35ms
16ms XHR
application/vnd.apple.mpegurl 143.204.98.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidyard.com/hls-videos/YvObiWtYb5w6krHWNJwZJw/stream_master_RtcVrDjfAXmpWl9y5iXGcA.m3u8?VKTPU-zTL6ZRpNpaPCFX35d5OWOHsMkjX1lH-wQvQuIFJUlTAZO9LIQLb4POjw83YxZly52vMg7e4kXbRHcKqZPtbemUTeUQt6NJGq87CvaFNcioeryTiud6qZ3WsHJg_36X_7gxJQz4BGJ6A3wPS9bBHs33x88KDHmwTSIbRJGjsbBZtUmeYJke7YZWxDUZjQd5
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/6-241e779290e5feb64c859f7818761e3b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8be8762a9f70ca77a0c26968f26891b218e171087a2a97fc71ee9cd634fde31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 19:43:20 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
vary: Origin
x-cdn: cloudfront
age: 70554
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 665
last-modified: Thu, 12 Aug 2021 21:28:15 GMT
server: AmazonS3
etag: "691090f9e03a180cde06d54d529b7ad0"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: GdkoY1l1lf1.ItLb65wgTdGwBl0V0nBL
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/vnd.apple.mpegurl
x-amz-cf-id: oCiC6Mp85XduJX79za4IVmVEBgUgR4k4knxUdxPfZ38rCYx9OH0psw==

GET
H2 200 stream_master_7svCeAxuZBSRt2wTPXovaA.m3u8 Show response
cdn.vidyard.com/hls-videos/8Mq5tIGVA_VUZcSHjlwgZQ/ Frame DC6E 666 B
1 KB 31ms
14ms XHR
application/vnd.apple.mpegurl 143.204.98.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidyard.com/hls-videos/8Mq5tIGVA_VUZcSHjlwgZQ/stream_master_7svCeAxuZBSRt2wTPXovaA.m3u8?c09mtwLVpKinxLVL-yTm3Plne3GoSatSCHfx4zPMUw6G-5fTgqfMfCD8vwga-BQEtpGW3kpobzpNOMKkMfTVzK6M7U-idnfdL0AS_MrFy8NSvx0c-B6coQ0AV2CuUeeS60W_x9jG7MynheEDdwqEBdlYTQkdMSluL29tKx9cdho7r53oZSBLGma0_WHWsWWWZMbs
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/6-241e779290e5feb64c859f7818761e3b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-112.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b75262dcc42f4ecb54a9fde84af21d6dbf93a6d46a8f2cc4e7f83b5324db9ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:04:14 GMT
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
vary: Origin
x-cdn: cloudfront
age: 116100
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 666
last-modified: Tue, 10 Aug 2021 22:02:56 GMT
server: AmazonS3
etag: "4831024ba7699cf1aa197ac051b4a1d1"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: 5E6U0XgDryp8K72VQiIGFOqeY20ClVft
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/vnd.apple.mpegurl
x-amz-cf-id: 8b1nGM4vpMk2kbqmn6coqQyREL8X-nr5TYOqdQvEP-2RwEwof9cNgg==

POST
H2 200 player_loads Show response
raw.vidyard.com/v2/ Frame 45DF 68 B
213 B 109ms
109ms XHR
application/json 3.89.170.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/player_loads
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.170.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-170-15.compute-1.amazonaws.com
Software: /
Resource Hash: 0d8cc9eec9cb004cda21bdb015f6a3b93a1092f38fd3b3519193443fabcf7e2b

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://play.vidyard.com
date: Tue, 07 Dec 2021 15:19:14 GMT
x-vidyard-hostname: 580cf0637b4b
content-length: 68
content-type: application/json; charset=utf-8

OPTIONS
H2 200 player_loads
raw.vidyard.com/v2/ Frame 0
0 104ms
104ms Preflight
text/html 3.89.170.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/player_loads
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.170.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-170-15.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://play.vidyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 07 Dec 2021 15:19:14 GMT
content-type: text/html;charset=utf-8
content-length: 0
access-control-max-age: 86400
access-control-allow-origin: https://play.vidyard.com
access-control-allow-methods: POST, PUT
access-control-allow-headers: Content-Type, Accept, Origin
access-control-allow-credentials: true

POST
H2 200 player_loads Show response
raw.vidyard.com/v2/ Frame DC6E 68 B
213 B 109ms
109ms XHR
application/json 3.89.170.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/player_loads
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.170.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-170-15.compute-1.amazonaws.com
Software: /
Resource Hash: 14c9dc15b1e1518356d8f335a92259531dcc471631d6cfa20cb85ecdb971e014

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://play.vidyard.com
date: Tue, 07 Dec 2021 15:19:14 GMT
x-vidyard-hostname: d875515dd71b
content-length: 68
content-type: application/json; charset=utf-8

OPTIONS
H2 200 player_loads
raw.vidyard.com/v2/ Frame 0
0 106ms
105ms Preflight
text/html 3.89.170.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/player_loads
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.170.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-170-15.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://play.vidyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 07 Dec 2021 15:19:14 GMT
content-type: text/html;charset=utf-8
content-length: 0
access-control-max-age: 86400
access-control-allow-origin: https://play.vidyard.com
access-control-allow-methods: POST, PUT
access-control-allow-headers: Content-Type, Accept, Origin
access-control-allow-credentials: true

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 191ms
190ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=1322340356018696d853e0ac6f7ce3a2&svisitor=36bb100296380000707baf617301000085917900&session=962138ab-85e5-4b40-8ccd-c9426ba1dc20&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2007%20Dec%202021%2015%3A19%3A13%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2007%20Dec%202021%2015%3A19%3A12%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222020%22%7D&isIframe=false&m=%7B%22description%22%3A%22Mandiant%20Threat%20Intelligence%20is%20a%20comprehensive%20SaaS%20platform%20that%20provides%20relevant%20cyber%20threat%20intelligence%20so%20you%20can%20focus%20on%20the%20threats%20that%20matter%20now.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyber%20Threat%20Intelligence%20%7C%20Mandiant%20Threat%20Intelligence%20Free%22%7D&cb=&r=https%3A%2F%2Fpages.fireeye.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c&pageViewId=12fb1022-1fc5-45b4-8f76-9d884410d62f&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:19:14 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 178ms
178ms Image
image/gif 104.111.233.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=1322340356018696d853e0ac6f7ce3a2&svisitor=36bb100296380000707baf617301000085917900&session=962138ab-85e5-4b40-8ccd-c9426ba1dc20&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2007%20Dec%202021%2015%3A19%3A14%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2007%20Dec%202021%2015%3A19%3A13%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223021%22%7D&isIframe=false&m=%7B%22description%22%3A%22Mandiant%20Threat%20Intelligence%20is%20a%20comprehensive%20SaaS%20platform%20that%20provides%20relevant%20cyber%20threat%20intelligence%20so%20you%20can%20focus%20on%20the%20threats%20that%20matter%20now.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cyber%20Threat%20Intelligence%20%7C%20Mandiant%20Threat%20Intelligence%20Free%22%7D&cb=&r=https%3A%2F%2Fpages.fireeye.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGw-WRtbxBSNGNcD5NPvIYCPwE_Swq9C0NEM90EUEgEdQFjnNMxlNfYptKagpSM3PZ9ONss6gZXFIs3gA_bb5xpvgRKZMHMH6W-y09KHSnBkU0c&pageViewId=12fb1022-1fc5-45b4-8f76-9d884410d62f&an_uid=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.233.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-233-140.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:19:15 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Tue, 05 Oct 2021 22:17:52 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "615ccf10-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=normal&cb=v35uc6k7yvxs

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=compact&cb=1kqhio3m3z4

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pages.fireeye.com/	1970-01-19 23:14:52	Name: __cf_bm Value: u4V1B9T8TLJPM8iE4v1wsiWl2h2c7_YkJQ2PD6moAnE-1638890350-0-AUtKaUj0TBM1Pa0LdzkA1GBoxw3Wb1ONJgGMvM2xZ2WaopKBXIILiftzJTV9SfbhJ/rupDiNW9KRdHAOpK361oI=
.www2.fireeye.com/	1970-01-19 23:14:52	Name: __cf_bm Value: pvt1fN1_1rjrLjr1rKWbz6__uJxgbzJNdHY5Rcvtr50-1638890351-0-ATZe0onl9hdRWCz6H3dnLdyyL8uO6wYHq96lLzYsqw6/9TJ7Tm94z0zingCBJWIwtFBsG7EyxHXPTNV+XTyVT0Q=
.d41.co/	1970-01-20 08:00:26	Name: D41ID Value: v3\|v4\|28538585a5aa4efebeb76f1ca4e9eb4b\|https://d41.co
.d41.co/	1970-01-19 23:14:50	Name: D41IDT Value: 81d1e10e334c40c6ae3549c0ac1dc49f
.6sc.co/	1970-01-20 16:46:02	Name: 6suuid Value: 36bb100296380000707baf617301000085917900
.bing.com/	1970-01-20 08:36:26	Name: MUID Value: 115319FFA6F96F2A13E108F9A72B6E79
.mandiant.com/	1970-01-20 16:46:02	Name: _mkto_trk Value: id:177-VPK-082&token:_mch-mandiant.com-1638890351860-31683
www.mandiant.com/	1970-01-20 16:46:02	Name: _gd_svisitor Value: 36bb100296380000707baf617301000085917900
.mandiant.com/	1970-01-19 23:16:16	Name: _uetsid Value: 08073ac0577111eca639535349608ba7
.mandiant.com/	1970-01-20 08:36:26	Name: _uetvid Value: 08072700577111ec81a5299bcd15b330
www.mandiant.com/	1970-01-19 23:24:55	Name: _an_uid Value: 0
www.mandiant.com/	1970-01-20 16:46:02	Name: _gd_visitor Value: aee12143-53dd-4fa8-879e-64f5cbc914ee
www.mandiant.com/	1970-01-19 23:15:04	Name: _gd_session Value: 962138ab-85e5-4b40-8ccd-c9426ba1dc20
.mandiant.com/	1970-01-20 01:24:26	Name: _fbp Value: fb.1.1638890351967.1918737103
.mandiant.com/	1970-01-20 08:00:26	Name: ajs_anonymous_id Value: 664d36bb-4f37-4038-aa60-799217c21ee6
.twitter.com/	1970-01-20 16:46:02	Name: personalization_id Value: "v1_03G6uCLpR8bE1KZhnwC+4A=="
.bidr.io/	1970-01-20 08:43:20	Name: bito Value: AAETCU7DXvcAACoct4Xh-w
.bidr.io/	1970-01-20 08:43:20	Name: bitoIsSecure Value: ok
.company-target.com/	1970-01-20 16:46:02	Name: tuuid Value: 72c2291f-58ed-40a9-9fd9-b2e0adf2cb48
.company-target.com/	1970-01-20 16:46:02	Name: tuuid_lu Value: 1638890352
.linkedin.com/	1970-01-19 23:58:02	Name: UserMatchHistory Value: AQJ4FfdbGdeVCwAAAX2VejBnAQLBDywvTpIhDKu92m1WWBIpFLbuJagdrHuoJOByB5PRE-I1DKbjTg
.linkedin.com/	1970-01-19 23:58:02	Name: AnalyticsSyncHistory Value: AQJFgaqnnA-JlgAAAX2VejBnBGNSSJ2Ebbf98_WjVu_vh-BqOfbKuEK80l0FeS6O3paM11PcLaAA5EvYcVSR4g
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:46:44	Name: bcookie Value: "v=2&91eb09f3-8c77-4223-88a5-07b4a51cd9fb"
.linkedin.com/	1970-01-19 23:16:16	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2175:u=1:x=1:i=1638890352:t=1638976752:v=2:sig=AQH5fFncV_Sv4ewsDl8JE96eAsSzAmYd"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:46:44	Name: bscookie Value: "v=1&20211207151912f03f31d2-4abc-44d8-84b8-d283c0517cdeAQFj0VccGAhLCvxamg00ZUZuNQZsbQVw"
.linkedin.com/	1970-01-20 16:45:19	Name: li_gc Value: MTswOzE2Mzg4OTAzNTI7MjswMjHN3CZE7ohfUxhnDLh+aPjDPmO17sWQsIA3Oa9w45Adog==
.mandiant.com/	1970-01-20 01:24:26	Name: _gcl_au Value: 1.1.1366996721.1638890352
.mandiant.com/	1970-01-20 16:46:02	Name: _ga_X6642ZTDJ7 Value: GS1.1.1638890351.1.0.1638890351.0
.mandiant.com/	1970-01-20 16:46:02	Name: _ga Value: GA1.2.1128117256.1638890353
.mandiant.com/	1970-01-19 23:16:16	Name: _gid Value: GA1.2.1621258371.1638890353
.mandiant.com/	1970-01-19 23:14:50	Name: _dc_gtm_UA-203244293-1 Value: 1
.doubleclick.net/	1970-01-20 08:36:26	Name: IDE Value: AHWqTUmsdHUk43OG-OlERJMnUiouyIRsCzRR9QBMfzTGFILjCYoix6l33176vt5Hz2U
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 66b08875ef112ef2

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://play.vidyard.com/embed/v4.js Message: Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11363283.fls.doubleclick.net
11449174.fls.doubleclick.net
177-vpk-082.mktoresp.com
adservice.google.com
analytics.twitter.com
api.company-target.com
api.segment.io
assets.vidyard.com
b.6sc.co
bam.nr-data.net
bat.bing.com
c.6sc.co
cdn-0.d41.co
cdn.segment.com
cdn.vidyard.com
cdnjs.cloudflare.com
connect.facebook.net
consent.trustarc.com
epsilon.6sense.com
ff.d41.co
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
j.6sc.co
js-agent.newrelic.com
match.prod.bidr.io
munchkin.marketo.net
pages.fireeye.com
play.vidyard.com
px.ads.linkedin.com
px4.ads.linkedin.com
raw.vidyard.com
secure.adnxs.com
segments.company-target.com
snap.licdn.com
static.addtoany.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tag.demandbase.com
vff4596.d41.co
www.facebook.com
www.fireeye.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.mandiant.com
www2.fireeye.com
www.google.com
104.111.233.140
104.111.234.67
104.17.72.206
104.17.74.206
104.244.42.195
104.244.42.69
108.174.10.14
13.224.189.27
13.224.197.80
13.225.87.16
13.225.87.31
13.225.87.38
142.250.185.70
143.204.98.112
143.204.98.28
151.101.1.181
151.101.12.157
151.101.2.137
162.247.242.18
185.33.221.14
192.28.147.68
2606:4700:10::ac43:2794
2606:4700:300b::a29f:f17d
2606:4700:300b::a29f:f67d
2606:4700::6810:125e
2620:119:50e8:101::9002:f05
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:803::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200a
2a00:1450:400c:c0c::9a
2a02:26f0:6c00::210:ba08
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.120.81.78
3.220.98.13
3.224.194.123
3.89.170.15
34.248.11.216
35.244.174.68
54.218.116.118
0250ba90c205a063003c46154d894c8229a97ecfe3919443af9be595c0ad1ccc
028b96f2b8cc2941c1c0019dddd2b032245d901c3b2bbb745b87d7f66cb5f92e
03bef1eeac54d221d1da744095e12a9caae78fb47a16f0d9a7598fa83cd79fcf
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
05e194a8989345d1dc8f7cb8f4cb18889f85336a758db302c042fd94d7fbf1f5
070791c98e0c1770cac70123ac86fca6e7281b7aec1cc82d413afa3635d5e560
07ed649e749e9698e805596809e2ede372229183ddb6b38fc96f696cff02f085
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee
0b0ecf142eb5ef4d200997425c9131b8505bce076ffd309923eee8f6a58e1f38
0c9ab3e7109f42ef98afbad438ec60278ecafc571622d8b190a35c733dbcc0f6
0d8cc9eec9cb004cda21bdb015f6a3b93a1092f38fd3b3519193443fabcf7e2b
0dde8a958cbd60287193a1529dbc88467001e648d9fb7943ecd5528515d5d169
0df6dda0ca4d7be90c9b60be736dcacc1deacad453827e7a05ebfb57b1faa097
0eab324aea216ff6432155a5cdbd59b7c1429f7d27be852f9dd037c7ade0377c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
125011b4ce1ec07e7cda316c0c68396f03f4929979bcb12442e8b4be311dcda4
1251e82f7c1ccbda6a9c2db4c9cdee12f4ecb01d1f2643fc74e61c2f9e630111
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
14c9dc15b1e1518356d8f335a92259531dcc471631d6cfa20cb85ecdb971e014
15c04c5e94915da36794ad105d12deff3f80f1aa5da08ae7ec39cc16d3756de3
185fd25b606e486fb8bec09f4a0f2e58bce5d9b140d4c6c19637758373d0cb05
1b9600459bb5ec64940c2d27208bf4f9fffdde86a99b1cb3c0d12b1ff7fb8ba1
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bb508d41bf1d0c5d56340c7df789b6589350a5f967e1fa937bee5c148d0cb0d
1fae616af15fbd4cbf9bcaf860d1a1412b112cc2e3939c8d7e15a2bdb6299f6a
201a094b137fdd3a1ba4188dc6b516deed19d1478e98eafb228fd247629a291b
220d5ce30e3fafb20d9a5170cd96a9e6a5f5278042230aedbda8151e6ae4d21c
23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2689a0237a95cfd8135f8da3ac79c430e903f3c542f8b862f68141c84c348c43
26e6996216334ee71ef0bdc967a8f41b264eb3687fe5f12022de519368120c59
2707e48726a3f7ec48a1d1aec9738f20b36bac1535cfa9de2e4d92310c4e7e7a
2988cbe5b7968963ffc78f3e31cc567e20214ba18aa171bc741d2b934ffd553f
2a4effdf48ccd47198cfd468497a9c991bbccabefec2748258bb20d15001f46a
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
34e89fde702aa592d82afbb8d98034150cb3a2e6bd67a922af1edd106cf87fe8
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44cc0a59361505bbaa3e701d19ffbb7d9dc71afa75ffb03562f3b229ea8460b1
45b9e3163d849e17b040b9e163f18d1767078d18bd2a9948a2810ca549bf1a6f
4aa634ff603b82270844bf4f7af48701d5d8b53685245b7b8aadeeaa7c737e79
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4ecd284b8811543e88f4c470ba7b3fe3f4b7a458c512bb92ab41d2b491aee6ca
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
5290d74adbcea5559af25b922914cc5ef5f37b721dd91f2bde1a6d61469c892b
52c766d175703482411d165b1339220aac1167e3315b792928eb51de6d6b3183
52fa9fdb778b6ce9bd46d3f5a1f9fb9cbe02fca84b0f2f17f9c0653d66418435
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5bb38afdb0c9c4ca64d4a65799e3fffa4e61b7ef89db4446c0d253144e8d97b9
5c2d9d4dccb590961368eddaf1aa8418859e14b89185683f5e21c7fc236f2f88
5ea56ed1ed92d89dd6e8a23316891c8af7cd2150977d2e8431bd0e97c0cf5282
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61a8ec834876822a2f8b652ce8616e09a8cc96d8c34b7f5ca1fb34fa06b0a03e
65867ea85abfa1983033b5a41d096b93216909fbb4e1b40ce385f5f59ef9757f
65be7e38d2dd34310f31924337a5960a7914ace32b18fc267f39736360c80e28
6980eadbd6f6d6233ea9b987e9ae462b25726871e9797c51e0d550aef3cc861d
6b75262dcc42f4ecb54a9fde84af21d6dbf93a6d46a8f2cc4e7f83b5324db9ca
6bfe6a2d2c04d3e78dfd1dce0151d9f087ffe169b6b9568d30f45b937e27f6f7
6d41161f7d77d059a8d35b55c36d765021a1300521eeffd57097df8df3322a90
6e6ca8458e665dbb0c6ef4974ee969c1a854bbc5c0f2a66edeebf68b806f3a0e
71b5da7d2b1187bcf2851c55bee08715f7b5896352b3fa404673a1317540a44a
7582f1ce2b50afe0c64f6da84ed7104462c073ef5d4d8054b1cc7cecf6da0f49
7699009136d90e3cbfa0701b49d252b52cbd3189eef172fa2d3f690f3b15dc55
78060c93ee6a407478d39e1e16807b576ea320f5641a34d5f043c7de399a418e
7828ebb92405ca42a56ed0b59a2bc0ebfd6f82051ddae2955ddee148369d35fa
7b7eb2b28fbf8ad29058540ee28e8b49701e0e47351ff25d3b688fcef9b2a88a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88cb9efe9226cab0669f7f6cdf082ec49a48a58f6411b69864b6f952928b979a
8d1a7d3520fe96ab6563cc556a5f3a04e8faecf56a188357ba587a283d9cdb48
9537e3f5594de1f0ff9699c91ce421f2deb6db5929e7b7c5735deebbb6f3b214
97e7573ee44deaa2a2da4d901e4a40181959517f2cfd036c78e8d8555dea111c
9ba17fa97dfcf22b549ac3362f681c82a8c654a5a9a63f8e4a6a071c8f049c17
9e111614ac18cf0c829a3dbfc6aff736c03536ec281330daf38e4bb3fb6ddfca
9eb73fa70ca321417ef27a21ae91254a4ccd3e00e328f0ef6e800389eb631dff
9ec192b1be13b5eb7d11e7c8a0f1466ef236e4ba88182bb4cec76a2c7919464e
9ee33831b0f69f4fd2300024df8f2488a4a7a4093cfcc5e28062e128308478f9
a170a845a7a20edcedacef2638fd6e8550c6fc052aad221568c2182a9f3b1d28
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a29e92b61e28d33c457c5f690d3df6f5f7de9d40e2475eccd2e20ea9b35447d1
a5216d98891ff17eec610106008274e1a0ce9dd6c0487e911b00cd9eea61a723
a8be8762a9f70ca77a0c26968f26891b218e171087a2a97fc71ee9cd634fde31
a8ebbe9b4f71b7b2483fff568469c24b7e5443623d6704f7cb7d8e30804f397f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae4e360b00b933d5c83d792b3cad8423b88cacb13d72bf9c965b730a704d4b00
ae9b6992120a7f1ba2d3ada838be76d4a630980938865d09a19410a891f19d25
af893638a2d983d9d79b699ab8ae2f7f507a67c4bca1911b9a377a7c6f44a2e9
af91853553f6166cafa6bc6b7143263897c1123897fae0e73ac16413b7893a1a
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2cb383a30bee467e40ecebb49e4229b1b57efcc2c7632c921cd170a75c74d24
b44ce95b6fac6715bf575a155f1c2934d882b69e698efcddfcaa628d49c96f44
b49156d5e01eb825b83327e4439ca9fc58e441441a1f63e1189c28bfe517ce3a
b6320e221b61f50fdfee02e86288aca6b426795dd014c5add80fcef7632ac6f8
be0807b2d562082eaee06985a3d8f1ffa3298e8777e134367cdbe5d75de7742f
be216714668eddc238963c4d3a7766c9eedc61483913a0dd4d9406d659c47f5a
bfb5086403ba1c7a9d2f2decb862c8696e41f40da890dd199cb9115b27f86ede
c26f369723641f427bab98b5bc443dc53d673e944d66262d4e7ec1412f479b6f
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c71a15e3da3374ea8c01311cb4f75b7d764949ad17e78be797b17e4038262c44
cb66289410723096af337ffed50fb8b9054b84dfd4e3950f6fcada726ed7dedf
d8d3f401175e39c476c08dd68216c445af259f6a4cf8ac93ba2e57801cd124a3
da0d9dec187414eaac184877e362bfd09ac956b2ab490b6adbb525af80fb3d6a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
dedcacb28bd3eb42228a296b586566a7b68fde7958e254f83f72a79bc8467865
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfaed587b938cc953c5008f257ed1e661e9d2e2f907bd5b520fc4b9348985a88
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d5375c5c42c888e2166d20b83b4e50a5324c03572ff52d27e6e8da11988822
e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
f269cafacd48c650b7c76973b7192a4593125d9b957bfa3b57a89e835ec0df1f
f4a3f225d323ee7fe97da693ef576867cc05e926c1f7aeb2a616f1c642a2756c
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f83d14dfe076a9b57aef5ed354df427e19bc4695e85a57274eff125dff2442b2
fa2e16667d8d37a4e77806f3640b528f5e01b086a1300761bace4c3974db383d
fad03d5343f00671f67d8e92a6c1e243f4b45e4f7a09d11c6d170665ae52d03e
fc4cc61d57f6c967219dc11e5a6454aac30bda88592fd450df8fc9e2f2413b02
fe3bfdac05de97234a1a81c7f09c87f14708cf7bd9a341a63e68613c3c6e40d6
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff358b1e3b643b9432dd2970f1afdda9e5b101ec52ad59546b5f8043a02e0a61

www.mandiant.com Open in urlscan Pro 2606:4700:300b::a29f:f17d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

178 Requests

94 %HTTPS

39 %IPv6

34 Domains

51 Subdomains

44 IPs

6 Countries

3391 kBTransfer

9323 kBSize

35 Cookies

10 Outgoing links

Page URL History

Redirected requests

178 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mandiant.com Open in urlscan Pro
2606:4700:300b::a29f:f17d Public Scan

Screenshot
Live screenshot

Full Image

178
Requests

94 %
HTTPS

39 %
IPv6

34
Domains

51
Subdomains

44
IPs

6
Countries

3391 kB
Transfer

9323 kB
Size

35
Cookies

178 HTTP transactions
2 data transactions