www.mandiant.com Open in urlscan Pro
2606:4700:300b::a29f:f07d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.mandiant.com/resources/log4shell-recommendations
Submission: On August 16 via api (August 16th 2022, 10:18:09 am UTC) from IL — Scanned from DE

Summary HTTP 77 Redirects Links 46 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 14 domains to perform 77 HTTP transactions. The main IP is 2606:4700:300b::a29f:f07d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mandiant.com. The Cisco Umbrella rank of the primary domain is 404730.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 3rd 2022. Valid for: a year.

This is the only time www.mandiant.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	2606:4700:300... 2606:4700:300b::a29f:f07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	13.32.121.85 13.32.121.85	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
2	2606:4700:10:... 2606:4700:10::ac43:2be9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.206.118 52.222.206.118	16509 (AMAZON-02) (AMAZON-02)
2	34.211.183.198 34.211.183.198	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400e:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223e:8200:1b:45dc:7080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
77	19

32 2606:4700:300b::a29f:f07d (United States)

ASN13335 (CLOUDFLARENET, US)

www.mandiant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.32.121.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-85.fra60.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2be9 (United States)

ASN13335 (CLOUDFLARENET, US)

my.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-118.fra56.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.211.183.198 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-183-198.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:8200:1b:45dc:7080:93a1 (United States)

ASN16509 (AMAZON-02, US)

hi.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	mandiant.com www.mandiant.com — Cisco Umbrella Rank: 404730	863 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	888 KB
7	google.com www.google.com — Cisco Umbrella Rank: 10	48 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 2742	20 KB
6	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 2540	40 KB
3	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 4130 api.amplitude.com — Cisco Umbrella Rank: 1341	26 KB
3	hellobar.com my.hellobar.com — Cisco Umbrella Rank: 16177 hi.hellobar.com — Cisco Umbrella Rank: 44796	79 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3860	28 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	172 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 283	721 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	858 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 402	14 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 423	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	5 KB
77	14

	Domain	Requested by
32	www.mandiant.com	www.mandiant.com
9	www.gstatic.com	www.google.com
7	www.google.com	www.mandiant.com www.gstatic.com www.google.com
6	consent.trustarc.com	www.mandiant.com
4	www.google-analytics.com	www.googletagmanager.com
3	static.addtoany.com	www.mandiant.com static.addtoany.com
2	region1.google-analytics.com	www.googletagmanager.com
2	api.amplitude.com	cdn.amplitude.com
2	my.hellobar.com	www.googletagmanager.com my.hellobar.com
2	www.googletagmanager.com	www.mandiant.com www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	bam.nr-data.net	js-agent.newrelic.com
1	hi.hellobar.com
1	fonts.googleapis.com	my.hellobar.com
1	js-agent.newrelic.com	www.mandiant.com
1	cdn.amplitude.com	cdn.jsdelivr.net
1	cdn.jsdelivr.net	www.googletagmanager.com
1	cdnjs.cloudflare.com	www.mandiant.com
77	18

This site contains links to these domains. Also see Links.

Domain
investors.mandiant.com
login.mandiant.com
www.mandiant.fr
www.mandiant.de
www.mandiant.jp
www.mandiant.kr
www.mandiant.es
www.mandiant.it
cve.mitre.org
logging.apache.org
www.cisa.gov
www.microsoft.com
www.cvedetails.com
github.com
gist.github.com
www.splunk.com
access.redhat.com
docs.aws.amazon.com
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
partners.fireeye.com
trustarc.com

Subject Issuer	Validity	Valid
mandiant.com Cloudflare Inc ECC CA-3	`2022-05-03` - `2023-05-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.trustarc.com Amazon	`2022-05-17` - `2023-06-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
cdn.amplitude.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.hellobar.com Amazon	`2021-11-15` - `2022-12-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.mandiant.com/resources/log4shell-recommendations
Frame ID: 23EC4FDB6F1FDF50B445E1D7B8C4BAB6
Requests: 59 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: 2529D6BC09CBDE063B7BEAF4F3FA0A19
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Lato
Frame ID: E19132DDA02C830A1AFCCCBD0575EED4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=normal&cb=sk7nm19oyt8b
Frame ID: A05AD013AF9A75F01C760D83ADF955FA
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=compact&cb=cgpfyxwb1nuh
Frame ID: E0F44FFF0F6E462B23EBF8F060DC2E2D
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Frame ID: 2A4B53312F7787408478F24197A9DDAA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Frame ID: ABBCAA026E2D0D965F4DC3193F521F3C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log4Shell Initial Exploitation and Mitigation Recommendations | Mandiant

Detected technologies

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

77
Requests

100 %
HTTPS

72 %
IPv6

14
Domains

18
Subdomains

19
IPs

3
Countries

2188 kB
Transfer

5209 kB
Size

3
Cookies

46 Outgoing links

These are links going to different origins than the main page.

URL: https://investors.mandiant.com/home/default.aspx
Title: Investor Relations Financial and shareholder information

Search URL Search Domain Scan URL

URL: https://login.mandiant.com/
Title: Sign in to Advantage

Search URL Search Domain Scan URL

URL: https://www.mandiant.fr/
Title: Français

Search URL Search Domain Scan URL

URL: https://www.mandiant.de/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://www.mandiant.jp/
Title: 日本

Search URL Search Domain Scan URL

URL: https://www.mandiant.kr/
Title: 한국어

Search URL Search Domain Scan URL

URL: https://www.mandiant.es/
Title: Español

Search URL Search Domain Scan URL

URL: https://www.mandiant.it/
Title: Italian

Search URL Search Domain Scan URL

URL: https://investors.mandiant.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44832
Title: CVE-2021-44832

Search URL Search Domain Scan URL

URL: https://logging.apache.org/log4j/log4j-2.12.3/
Title: 2.12.3

Search URL Search Domain Scan URL

URL: https://logging.apache.org/log4j/log4j-2.3.1/
Title: 2.3.1

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105
Title: CVE-2021-45105

Search URL Search Domain Scan URL

URL: https://logging.apache.org/log4j/2.x/changes-report.html#a2.17.0
Title: 2.17.0

Search URL Search Domain Scan URL

URL: https://www.cisa.gov/emergency-directive-22-02
Title: Emergency Directive 22-02

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/security/blog/2021/12/11/guidance-for-preventing-detecting-and-hunting-for-cve-2021-44228-log4j-2-exploitation/
Title: threat actors based in other countries

Search URL Search Domain Scan URL

URL: https://logging.apache.org/log4j/2.x/
Title: Log4j 2

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228
Title: CVE-2021-44228

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046
Title: CVE-2021-45046

Search URL Search Domain Scan URL

URL: https://logging.apache.org/log4j/2.x/changes-report.html#a2.16.0
Title: 2.16.0

Search URL Search Domain Scan URL

URL: https://logging.apache.org/log4j/log4j-2.3.2/
Title: 2.3.2

Search URL Search Domain Scan URL

URL: https://logging.apache.org/log4j/log4j-2.12.4/
Title: 2.12.4

Search URL Search Domain Scan URL

URL: https://logging.apache.org/log4j/log4j-2.17.1
Title: 2.17.1

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4104
Title: CVE-2021-4104

Search URL Search Domain Scan URL

URL: https://logging.apache.org/log4j/1.2/
Title: end of life

Search URL Search Domain Scan URL

URL: https://www.cvedetails.com/cve/CVE-2019-17571/
Title: high severity security vulnerabilities

Search URL Search Domain Scan URL

URL: https://github.com/projectdiscovery/nuclei
Title: Nuclei

Search URL Search Domain Scan URL

URL: https://github.com/fox-it/log4j-finder
Title: log4j-finder

Search URL Search Domain Scan URL

URL: https://github.com/fullhunt/log4j-scan
Title: log4j-scan

Search URL Search Domain Scan URL

URL: https://github.com/anchore/syft
Title: syft

Search URL Search Domain Scan URL

URL: https://gist.github.com/Neo23x0/e4c8b03ff8cdf1fa63b7d15db6e3860b
Title: matching patterns of potential exploitation attempts

Search URL Search Domain Scan URL

URL: https://www.splunk.com/en_us/blog/security/log-jammin-log4j-2-rce.html
Title: correlating any observed instances

Search URL Search Domain Scan URL

URL: https://github.com/cisagov/log4j-affected-db
Title: GitHub

Search URL Search Domain Scan URL

URL: https://logging.apache.org/log4j/2.x/security.html
Title: reported

Search URL Search Domain Scan URL

URL: https://logging.apache.org/log4j/2.x/changes-report.html#a2.15.0
Title: 2.15.0

Search URL Search Domain Scan URL

URL: https://logging.apache.org/log4j/log4j-2.12.2/
Title: 2.12.2

Search URL Search Domain Scan URL

URL: https://access.redhat.com/security/vulnerabilities/RHSB-2021-009
Title: RedHat

Search URL Search Domain Scan URL

URL: https://gist.github.com/fox-srt/6b3735cf0f0855fcaf7a74f146025c5a#file-log4shell-exploitation-attempts-rules
Title: signatures

Search URL Search Domain Scan URL

URL: https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words
Title: evolving evasion tactics

Search URL Search Domain Scan URL

URL: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html
Title: example environment variables that can be configured for Amazon Web Services

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Mandiant

Search URL Search Domain Scan URL

URL: https://twitter.com/Mandiant

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCexu0DP7VKdDByusuTA53FQ

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mandiant/

Search URL Search Domain Scan URL

URL: https://partners.fireeye.com/English/
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://trustarc.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

77 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request log4shell-recommendations Show response
www.mandiant.com/resources/ 149 KB
32 KB 544ms
485ms Document
text/html 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/resources/log4shell-recommendations

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcdde07d3a5949f74a4aa24c71d6e28d3623dac44942e4e1ddbc2d051aeb83f0

Security Headers

Name	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 254
cache-control: max-age=2764800, public
cf-cache-status: DYNAMIC
cf-ray: 73b96c6f6b87bbbf-FRA
content-encoding: gzip
content-language: en
content-length: 32206
content-security-policy: report-uri /report-csp-violation
content-type: text/html; charset=UTF-8
date: Tue, 16 Aug 2022 10:18:01 GMT
etag: "1660644826"
expect-ct: max-age=86400
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Tue, 16 Aug 2022 10:13:46 GMT
link: <https://www.mandiant.com/resources/log4shell-recommendations>; rel="alternate"; hreflang="en", <https://www.mandiant.jp/resources/log4shell-recommendations>; rel="alternate"; hreflang="ja"
permissions-policy: interest-cohort=()
referrer-policy: strict-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Cookie,Accept-Encoding
via: varnish
x-ah-environment: prod
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: v-1d80ab36-1d4c-11ed-86dc-635f43eb43fb
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 google_tag.script.js Show response
www.mandiant.com/sites/default/files/google_tag/google_tag_manager/ 348 B
426 B 54ms
48ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/google_tag/google_tag_manager/google_tag.script.js?rgo1s7

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/log4shell-recommendations

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b7eb2b28fbf8ad29058540ee28e8b49701e0e47351ff25d3b688fcef9b2a88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 62267
x-cache: HIT
x-ah-environment: prod
content-length: 280
x-request-id: v-6660d92a-1cbb-11ed-a295-8f7c0e287e6a
last-modified: Mon, 15 Aug 2022 16:57:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
expires: Tue, 30 Aug 2022 10:18:02 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 73b96c72a8e2bbbf-FRA
x-cache-hits: 30

GET
H2 200 css_AMa9Ay_2VJp74A1R3f42zIWSZRJHTuHZnzLrg5DliQo.css
www.mandiant.com/sites/default/files/css/ 11 KB
3 KB 92ms
87ms Stylesheet
text/css 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_AMa9Ay_2VJp74A1R3f42zIWSZRJHTuHZnzLrg5DliQo.css

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/log4shell-recommendations

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00c6bd032ff6549a7be00d51ddfe36cc85926512474ee1d99f32eb8390e5890a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1019398
x-cache: MISS
x-ah-environment: prod
content-length: 2869
x-request-id: v-6212647a-0900-11ed-9d01-678141f3d08f
last-modified: Fri, 15 Jul 2022 07:00:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 73b96c72a8dbbbbf-FRA
expires: Tue, 30 Aug 2022 10:18:02 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/ 23 KB
5 KB 94ms
37ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/log4shell-recommendations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1088812
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4364
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-5cbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2Bst%2BnIXSi%2BeT%2BcTWF%2BUskLKHQuVlXRGmidzQnL%2BmcHYQ0ZEI55DckP0%2FDDow9V5lZl2s1VgRL0kQEuEBNpXi87xENc88JQGmxE1E1H4S4j2l%2F1YPhsb5bjF%2B3ZRtwpWudO7MWKH8o2uesws6pDOTk%2Bu"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73b96c72fadb9150-FRA
expires: Sun, 06 Aug 2023 10:18:02 GMT

GET
H2 200 css_JIqh2ZS2sxtsOPGcmOLIwnXHmcSfCmFpuPb7flHTjSM.css
www.mandiant.com/sites/default/files/css/ 144 KB
21 KB 92ms
88ms Stylesheet
text/css 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_JIqh2ZS2sxtsOPGcmOLIwnXHmcSfCmFpuPb7flHTjSM.css

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/log4shell-recommendations

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

248aa1d994b6b31b6c38f19c98e2c8c275c799c49f0a6169b8f6fb7e51d38d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 480014
x-cache: HIT
x-ah-environment: prod
content-length: 21763
x-request-id: v-8b1c5322-0ab7-11ed-b72b-233607f15262
last-modified: Thu, 21 Jul 2022 15:38:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
expires: Tue, 30 Aug 2022 10:18:02 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 73b96c72a8dcbbbf-FRA
x-cache-hits: 60

GET
H2 200 css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css
www.mandiant.com/sites/default/files/css/ 400 KB
45 KB 92ms
88ms Stylesheet
text/css 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/log4shell-recommendations

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86f758c4520ea8abe1ae7432c637b55e28246f124cc7910987b18b53fc49bd33

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 611848
x-cache: HIT
x-ah-environment: prod
content-length: 46147
x-request-id: v-74fcad6a-17bb-11ed-bd15-a3cf4c676073
last-modified: Tue, 09 Aug 2022 08:10:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
expires: Tue, 30 Aug 2022 10:18:02 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 73b96c72a8ddbbbf-FRA
x-cache-hits: 7

GET
H2 200 js_XBcwvZgni4Dy492wJEdbHHCn_qVkg5CqNNIp9ePdPqk.js Show response
www.mandiant.com/sites/default/files/js/ 102 KB
35 KB 48ms
45ms Script
text/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/js/js_XBcwvZgni4Dy492wJEdbHHCn_qVkg5CqNNIp9ePdPqk.js

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/log4shell-recommendations

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c1730bd98278b80f2e3ddb024475b1c70a7fea5648390aa34d229f5e3dd3ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 355422
x-cache: HIT
x-ah-environment: prod
content-length: 35296
x-request-id: v-53bd08ec-0f10-11ed-ae60-b375e4569778
last-modified: Fri, 29 Jul 2022 07:30:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
via: varnish
expires: Tue, 30 Aug 2022 10:18:02 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 73b96c72a8dfbbbf-FRA
x-cache-hits: 12

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 910 B
994 B 166ms
35ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/log4shell-recommendations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1dc363660132cb70943cdf8c4a86d6f946a969b68974c9c3d0a425a90942f426

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 1; mode=block
expires: Tue, 16 Aug 2022 10:18:02 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 129ms
43ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/log4shell-recommendations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84ab83a5ddc3b0d7f10f7d165e3e334de42ad254a1a84ab89b7cfba1e3b131b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 116757
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 07 Aug 2022 01:47:09 GMT
server: cloudflare
etag: W/"abe-5e59ce0951c4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 73b96c745b2a5c20-FRA
cf-bgj: minify

GET
H2 200 js_puQq5nm5Sph8e2DB6wL5bzqUylWLYyol4gH5H77JHxU.js Show response
www.mandiant.com/sites/default/files/js/ 223 KB
68 KB 64ms
61ms Script
text/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/js/js_puQq5nm5Sph8e2DB6wL5bzqUylWLYyol4gH5H77JHxU.js

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/log4shell-recommendations

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6e42ae679b94a987c7b60c1eb02f96f3a94ca558b632a25e201f91fbec91f15

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1189836
x-cache: HIT
x-ah-environment: prod
content-length: 68961
x-request-id: v-f13b6e48-1257-11ed-9dda-efb4de2d7e5f
last-modified: Fri, 22 Jul 2022 08:14:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
via: varnish
expires: Tue, 30 Aug 2022 10:18:02 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 73b96c72a8e0bbbf-FRA
x-cache-hits: 23

GET
H2 200 eb5srz Show response
consent.trustarc.com/v2/notice/ 73 KB
21 KB 216ms
144ms Script
text/javascript 13.32.121.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/v2/notice/eb5srz

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/log4shell-recommendations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-85.fra60.r.cloudfront.net

Software

openresty/1.15.8.2 /

Resource Hash

f576a0f509bfab085122d2e1a7a2b12f496b6df8c5b618c459728b191265ac17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
server: openresty/1.15.8.2
x-amz-cf-pop: FRA60-P1
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-amz-cf-id: e7luC1-lqhkcb0BxGx7RvetOlNTKVjCCfh3dUbcfEBmf-A1VR-6LkA==

GET
H2 200 fontloader.built.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 7 KB
2 KB 55ms
42ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/fontloader.built.js

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/log4shell-recommendations

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b617a1a9d405a304eae1f3337639a1be619633a047ccac0a61d70cf2d2032e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1041536
x-cache: HIT
x-ah-environment: prod
content-length: 2334
x-request-id: v-6900326e-ed5b-11ec-aa30-4fcf06df649e
last-modified: Wed, 09 Mar 2022 18:16:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
expires: Tue, 30 Aug 2022 10:18:02 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 73b96c741b6abbbf-FRA
x-cache-hits: 81

GET
H2 200 974.bundle.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 11 KB
4 KB 103ms
97ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/974.bundle.js?6fa3d5

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_puQq5nm5Sph8e2DB6wL5bzqUylWLYyol4gH5H77JHxU.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98d7c4fe1604e08c228b1c8756ccfed58659528670ee420520d157e3787b9f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1043833
x-cache: HIT
x-ah-environment: prod
content-length: 3374
x-request-id: v-77f83d3c-ed2b-11ec-b760-7bce9808e79a
last-modified: Tue, 10 May 2022 16:00:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
expires: Tue, 30 Aug 2022 10:18:02 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 73b96c74ac91bbbf-FRA
x-cache-hits: 91

GET
H2 200 416.bundle.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 3 KB
1 KB 98ms
94ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/416.bundle.js?d218d8

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_puQq5nm5Sph8e2DB6wL5bzqUylWLYyol4gH5H77JHxU.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65782cf6d5c118e4b84e134d660d5e74d83384799c2f5df88b04963e2e795293

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1038452
x-cache: HIT
x-ah-environment: prod
content-length: 1287
x-request-id: v-53e1ba26-0758-11ed-bf14-bb167e9de09a
last-modified: Mon, 11 Apr 2022 19:08:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
expires: Tue, 30 Aug 2022 10:18:02 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 73b96c74ac96bbbf-FRA
x-cache-hits: 18

GET
H2 200 404.bundle.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 406 B
439 B 96ms
93ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/404.bundle.js?2c5f80

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_puQq5nm5Sph8e2DB6wL5bzqUylWLYyol4gH5H77JHxU.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2cb383a30bee467e40ecebb49e4229b1b57efcc2c7632c921cd170a75c74d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1041484
x-cache: HIT
x-ah-environment: prod
content-length: 263
x-request-id: v-054ac27a-e0b8-11ec-84d3-ab854bdeae07
last-modified: Wed, 02 Feb 2022 10:21:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
expires: Tue, 30 Aug 2022 10:18:02 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 73b96c74ac98bbbf-FRA
x-cache-hits: 95

GET
H2 200 396.bundle.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 1 KB
638 B 99ms
98ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/396.bundle.js?d2a36f

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_puQq5nm5Sph8e2DB6wL5bzqUylWLYyol4gH5H77JHxU.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85812e1f30e98e63c3ea17a4a7bea7cc0c26b8edef9c48d0af517fecd45210c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1041484
x-cache: HIT
x-ah-environment: prod
content-length: 519
x-request-id: v-f61f0d0a-fa49-11ec-bdf3-37f46ecc941c
last-modified: Mon, 11 Apr 2022 19:08:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
expires: Tue, 30 Aug 2022 10:18:02 GMT
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 73b96c74ac9abbbf-FRA
x-cache-hits: 76

GET
H2 200 menu-drop-down.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 207 B
296 B 97ms
93ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/menu-drop-down.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3c4f02f1f6a5e491336064c0d0bdcd6914d5794a431a359c1f684cec8ed77f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1170019
x-cache: HIT
x-cache-hits: 61
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-f5aef38a-fa49-11ec-bc47-3ffbf831e427
last-modified: Mon, 11 Apr 2022 19:08:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 73b96c74bcb3bbbf-FRA
expires: Tue, 30 Aug 2022 10:18:02 GMT

GET
H2 200 see-what.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 740 B
486 B 86ms
79ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/see-what.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22d544d04a6282b544aa3fbc8e024e41f00902673fe34f774092c02d4e7d6712

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 43760
x-cache: HIT
x-cache-hits: 26
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-2c406f2e-b9cb-11ec-9f58-2ff3b2a3ba46
last-modified: Mon, 11 Apr 2022 19:08:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 73b96c74ccccbbbf-FRA
expires: Tue, 30 Aug 2022 10:18:02 GMT

GET
H2 200 incident-response.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 777 B
520 B 88ms
80ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/incident-response.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

860f45e645e33a50a9a34186d5c0558df4198829fe98679a4a6e1e754fca1aeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36459
x-cache: HIT
x-cache-hits: 75
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-d1d8292a-bd9c-11ec-a5b4-9b21e0468049
last-modified: Mon, 11 Apr 2022 19:08:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 73b96c74ccd2bbbf-FRA
expires: Tue, 30 Aug 2022 10:18:02 GMT

GET
H2 200 incident.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 1023 B
654 B 82ms
74ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/incident.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d1049d86e454e70f1d3e650f3ec7dc009ebef2f7ec2e9f44b74cb290ed9e4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 391625
x-cache: HIT
x-cache-hits: 9
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-cc2faf6e-9ff3-11ec-ae93-83ed4f55885e
last-modified: Thu, 03 Feb 2022 17:26:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 73b96c74ccd5bbbf-FRA
expires: Tue, 30 Aug 2022 10:18:02 GMT

GET
H2 200 contact-sales.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 613 B
488 B 90ms
83ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/contact-sales.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

887dea1b760d630afcbae650e3259dc18ef1a7fe3137ab715a56005a69f921b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36459
x-cache: HIT
x-cache-hits: 83
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-d1d4f7b4-bd9c-11ec-bfbb-1b89a9c65fe6
last-modified: Mon, 11 Apr 2022 19:08:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 73b96c74ccd6bbbf-FRA
expires: Tue, 30 Aug 2022 10:18:02 GMT

GET
H2 200 contact.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 716 B
536 B 85ms
78ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/contact.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ca72eec4efadc4587d29f2216ccd9cd54309463c74a5a3029b3dca9485f995a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 997241
x-cache: HIT
x-cache-hits: 38
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-73ab1a7a-8f8d-11ec-8760-773cb24816d6
last-modified: Thu, 03 Feb 2022 17:26:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 73b96c74ccd9bbbf-FRA
expires: Tue, 30 Aug 2022 10:18:02 GMT

GET
H2 200 support.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 4 KB
2 KB 89ms
82ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/support.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c82aa23b61483cc87f28ec6c4492a28c46dcb38bf471fd4a6ca40984ee6fb59e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 469458
x-cache: HIT
x-cache-hits: 119
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-88d4dd10-ab16-11ec-bd0b-a7b3143f3bef
last-modified: Thu, 03 Feb 2022 17:26:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 73b96c74ccdbbbbf-FRA
expires: Tue, 30 Aug 2022 10:18:02 GMT

GET
H2 200 sign-in.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 630 B
434 B 86ms
82ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/sign-in.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf204863b72594d7da599f0ad2cfb43573b91d2ef348983d8890f64ba9858d1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36459
x-cache: HIT
x-cache-hits: 59
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-62382e52-ed54-11ec-b0b1-c3059b790828
last-modified: Mon, 11 Apr 2022 19:08:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 73b96c74ccdebbbf-FRA
expires: Tue, 30 Aug 2022 10:18:02 GMT

GET
H2 200 menu-arrow-white.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 752 B
493 B 89ms
85ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/menu-arrow-white.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f41b6056bfd2eb59371fabdc40b3970f02458ee463aa92385fe214fb00aebae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1043400
x-cache: HIT
x-cache-hits: 112
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-3dc24f5a-e97e-11ec-b024-07c46c87ce3e
last-modified: Mon, 11 Apr 2022 19:08:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 73b96c74cce0bbbf-FRA
expires: Tue, 30 Aug 2022 10:18:02 GMT

GET
H2 200 advantage-arrow.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 203 B
356 B 88ms
85ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/advantage-arrow.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f16edf69b3b38abc839a83da5041cb4b2ed08b54017faa471b4e2da1cc8393c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1046811
x-cache: HIT
x-cache-hits: 57
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-660a6c08-e9ed-11ec-9e7c-d78a32f47519
last-modified: Thu, 03 Feb 2022 17:26:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 73b96c74cce2bbbf-FRA
expires: Tue, 30 Aug 2022 10:18:02 GMT

GET
H2 200 gray-circle.png
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/backgrounds/ 9 KB
9 KB 80ms
69ms Image
image/png 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/backgrounds/gray-circle.png

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfbbb6a8bb9482b6bddbba133d70d9ac28fea886ede20ecdaf3110d5c70dba6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1032461
x-cache: HIT
x-cache-hits: 43
x-ah-environment: prod
content-length: 8943
x-request-id: v-397b6016-f9c9-11ec-a4fa-4ba350d1bb26
last-modified: Wed, 02 Feb 2022 10:21:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 73b96c74ecf9bbbf-FRA
expires: Tue, 30 Aug 2022 10:18:02 GMT

GET
H2 200 footer-bg-transparent.png
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 134 KB
134 KB 64ms
40ms Image
image/png 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/footer-bg-transparent.png

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f2e61cd1a10aebb0eae1a2f6914784a4d9be90a46b1c67700311d0f66d3e379

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 306777
x-cache: HIT
x-cache-hits: 60
x-ah-environment: prod
content-length: 136986
x-request-id: v-e43b31cc-ee78-11ec-8e3f-9f1b143ea5cf
last-modified: Fri, 03 Jun 2022 20:04:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 73b96c755da5bbbf-FRA
expires: Tue, 30 Aug 2022 10:18:02 GMT

GET
H2 200 Barlow-Bold.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 56 KB
56 KB 84ms
61ms Font
text/plain 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Bold.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ec192b1be13b5eb7d11e7c8a0f1466ef236e4ba88182bb4cec76a2c7919464e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1043400
x-cache: HIT
x-cache-hits: 88
x-ah-environment: prod
content-length: 57572
x-request-id: v-688e0366-f9d0-11ec-885a-7f9d4268f572
last-modified: Wed, 02 Feb 2022 10:21:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 73b96c755da2bbbf-FRA
expires: Tue, 30 Aug 2022 10:18:02 GMT

GET
H2 200 MaterialIcons-Outlined.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/material-icons/ 148 KB
148 KB 74ms
51ms Font
text/plain 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/material-icons/MaterialIcons-Outlined.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b9c3158d7700a96a2fc4de59adc0c4724338c900d14b9447653c52d50df1621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 48477
x-cache: HIT
x-cache-hits: 186
x-ah-environment: prod
content-length: 151244
x-request-id: v-4b8b4d74-bd5c-11ec-af68-7f592ecdd231
last-modified: Mon, 11 Apr 2022 19:08:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 73b96c755da3bbbf-FRA
expires: Tue, 30 Aug 2022 10:18:02 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 374 KB
101 KB 181ms
79ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/google_tag/google_tag_manager/google_tag.script.js?rgo1s7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3384d17c5da5511f930e038c8d5456c177e1bdd45d61cf17987bea4a060658e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102709
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Aug 2022 10:18:02 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ 386 KB
154 KB 130ms
25ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cde27396c8c483c599d4162e29f219dbad91728edacc8f91410cc818a91046b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mandiant.com/
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 09:56:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157356
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 09:56:03 GMT

GET
H2 200 Barlow-Regular.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 55 KB
55 KB 50ms
49ms Font
text/plain 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Regular.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f269cafacd48c650b7c76973b7192a4593125d9b957bfa3b57a89e835ec0df1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 603782
x-cache: HIT
x-cache-hits: 44
x-ah-environment: prod
content-length: 56020
x-request-id: v-ef45be5a-9042-11ec-ac15-ab9ba7f114f5
last-modified: Wed, 02 Feb 2022 10:21:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 73b96c7718d2bbbf-FRA
expires: Tue, 30 Aug 2022 10:18:02 GMT

GET
H2 200 PTMono-Regular.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/mono/ 71 KB
71 KB 52ms
51ms Font
text/plain 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/mono/PTMono-Regular.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfaed587b938cc953c5008f257ed1e661e9d2e2f907bd5b520fc4b9348985a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 976076
x-cache: HIT
x-cache-hits: 173
x-ah-environment: prod
content-length: 72380
x-request-id: v-51583b4e-aae3-11ec-b911-87939b0c8a84
last-modified: Wed, 02 Feb 2022 10:21:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 73b96c7718d8bbbf-FRA
expires: Tue, 30 Aug 2022 10:18:02 GMT

GET
H3 200 core.be1d8798.js Show response
static.addtoany.com/menu/modules/ 70 KB
25 KB 85ms
58ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.be1d8798.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f08ca65f013a2179c5c78003ce4cc47978c2b8d6d2d9f6521d3b64411ecc68de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 807016
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 07 Aug 2022 01:47:07 GMT
server: cloudflare
etag: W/"118b8-5e59ce082dc6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 73b96c77897f9bd0-FRA
cf-bgj: minify

GET
H2 200 sm.23.html Show response
static.addtoany.com/menu/ Frame 2529 741 B
617 B 36ms
30ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.23.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 616658
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 73b96c777f805c20-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 16 Aug 2022 10:18:02 GMT
etag: W/"2e5-5cc9e128a4c38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Wed, 22 Sep 2021 23:42:51 GMT
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff

GET
H2 200 latin.woff2
consent.trustarc.com/v2/asset/ 13 KB
13 KB 70ms
26ms Font
application/octet-stream 13.32.121.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/v2/asset/latin.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/log4shell-recommendations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-85.fra60.r.cloudfront.net

Software

openresty/1.15.8.2 /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mandiant.com/
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: public
date: Tue, 16 Aug 2022 09:30:27 GMT
via: 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
last-modified: Wed, 3 Aug 2022 01:22:09 GMT
server: openresty/1.15.8.2
age: 3340
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
x-amz-cf-pop: FRA60-P1
content-length: 13036
x-amz-cf-id: CPMfnJPu_a-CVdm7-9pZxsZtOeFXJDsw0qOZPLLjObTo3thmHoeXtA==

GET
H2 200 ic-error.svg
consent.trustarc.com/v2/asset/ 5 KB
1 KB 30ms
26ms Image
image/svg+xml 13.32.121.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/v2/asset/ic-error.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/log4shell-recommendations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-85.fra60.r.cloudfront.net

Software

openresty/1.15.8.2 /

Resource Hash

5ea56ed1ed92d89dd6e8a23316891c8af7cd2150977d2e8431bd0e97c0cf5282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: public
date: Tue, 16 Aug 2022 09:30:21 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2019 06:14:12 GMT
server: openresty/1.15.8.2
age: 2861
vary: Accept-Encoding, Origin
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: hax-_f7PPsMK3-TR_kVx0M1xbWItUYb3QtbxZUkZQ81frhCdcJ4XLw==

GET
H2 200 ic-close-white.svg
consent.trustarc.com/v2/asset/ 7 KB
2 KB 32ms
28ms Image
image/svg+xml 13.32.121.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/v2/asset/ic-close-white.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/log4shell-recommendations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-85.fra60.r.cloudfront.net

Software

openresty/1.15.8.2 /

Resource Hash

da0d9dec187414eaac184877e362bfd09ac956b2ab490b6adbb525af80fb3d6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: public
date: Tue, 16 Aug 2022 10:06:05 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2019 06:14:09 GMT
server: openresty/1.15.8.2
age: 726
vary: Accept-Encoding, Origin
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 2KEXXS_orJhxxUk3GoD_T-91TX1atrQMldAAD_DFxULmX-_4mmhl1Q==

GET
H2 200 ic-close.svg
consent.trustarc.com/v2/asset/ 6 KB
1 KB 34ms
30ms Image
image/svg+xml 13.32.121.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/v2/asset/ic-close.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/log4shell-recommendations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-85.fra60.r.cloudfront.net

Software

openresty/1.15.8.2 /

Resource Hash

78060c93ee6a407478d39e1e16807b576ea320f5641a34d5f043c7de399a418e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: public
date: Tue, 16 Aug 2022 09:59:51 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2019 06:14:11 GMT
server: openresty/1.15.8.2
age: 1099
vary: Accept-Encoding, Origin
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: JVxVbAWtbVDjTYLaKIhnvYk05aiq1hcND0YTfnCGycmU2vo0HsfA2A==

GET
H2 200 trustarc-logo-xs.svg
consent.trustarc.com/v2/asset/ 3 KB
2 KB 35ms
32ms Image
image/svg+xml 13.32.121.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/v2/asset/trustarc-logo-xs.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/resources/log4shell-recommendations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-85.fra60.r.cloudfront.net

Software

openresty/1.15.8.2 /

Resource Hash

fad03d5343f00671f67d8e92a6c1e243f4b45e4f7a09d11c6d170665ae52d03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: public
date: Tue, 16 Aug 2022 10:10:48 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 02:29:33 GMT
server: openresty/1.15.8.2
age: 464
vary: Accept-Encoding, Origin
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: Jl-i_6JGxr-pyzqVqTADtSPSb2xq3XjJw4ezgDHhDywvA0zDvAIBCw==

GET
H2 200 arrow.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 231 B
320 B 37ms
37ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/arrow.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fb5773c79513b946ce84fd7a066040235e6eb5855549404f2a8bd361e3840bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:02 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1084265
x-cache: HIT
x-cache-hits: 70
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-994ddd02-e204-11ec-b0fd-8b00301ab536
last-modified: Wed, 02 Feb 2022 10:21:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 73b96c786ac7bbbf-FRA
expires: Tue, 30 Aug 2022 10:18:02 GMT

GET
H2 200 Barlow-SemiBold.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 56 KB
57 KB 53ms
53ms Font
text/plain 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-SemiBold.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bb508d41bf1d0c5d56340c7df789b6589350a5f967e1fa937bee5c148d0cb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:03 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1046457
x-cache: HIT
x-cache-hits: 186
x-ah-environment: prod
content-length: 57764
x-request-id: v-cad0a22e-ecea-11ec-97e8-3f6ffbb9a0d2
last-modified: Wed, 02 Feb 2022 10:21:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 73b96c788afbbbbf-FRA
expires: Tue, 30 Aug 2022 10:18:02 GMT

GET
H2 200 Barlow-Medium.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 55 KB
55 KB 53ms
53ms Font
text/plain 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Medium.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe3bfdac05de97234a1a81c7f09c87f14708cf7bd9a341a63e68613c3c6e40d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:03 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 602933
x-cache: HIT
x-cache-hits: 35
x-ah-environment: prod
content-length: 55968
x-request-id: v-68072d96-9044-11ec-823a-4bee73990abb
last-modified: Wed, 02 Feb 2022 10:21:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 73b96c789b03bbbf-FRA
expires: Tue, 30 Aug 2022 10:18:02 GMT

GET
H2 200 Barlow-MediumItalic.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 59 KB
59 KB 52ms
52ms Font
text/plain 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-MediumItalic.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34e89fde702aa592d82afbb8d98034150cb3a2e6bd67a922af1edd106cf87fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_hvdYxFIOqKvhrnQyxje1XigkbxJMx5EJh7GLU_xJvTM.css
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:03 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1040222
x-cache: HIT
x-cache-hits: 52
x-ah-environment: prod
content-length: 60612
x-request-id: v-39a418f0-125e-11ed-a4e7-db0f9e5c50a5
last-modified: Wed, 02 Feb 2022 10:21:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 73b96c78ab1cbbbf-FRA
expires: Tue, 30 Aug 2022 10:18:03 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
71 KB 80ms
37ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

794695451965e70198a70fbe569681cfa56b45dace2a0ef6c10a85f250fe7464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72794
x-xss-protection: 0
expires: Tue, 16 Aug 2022 10:18:03 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 70ms
21ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4563
date: Tue, 16 Aug 2022 09:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 16 Aug 2022 11:02:00 GMT

GET
H2 200 index.js Show response
cdn.jsdelivr.net/npm/@amplitude/amplitude-js-gtm@2.0.2/dist/ 3 KB
2 KB 112ms
22ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@amplitude/amplitude-js-gtm@2.0.2/dist/index.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

853f77de90385806427ff0cd0ac797795adbd82c800c26381f7e55537e736587

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1838094
x-jsd-version: 2.0.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1301
etag: W/"b22-n2o9T9k7cye7ujWQ0K/tCJdFJAM"
x-served-by: cache-fra19163-FRA, cache-hhn4059-HHN
x-jsd-version-type: version
date: Tue, 16 Aug 2022 10:18:03 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 9733b1e1169991b694a1ddb4dc45463acc83618f.js Show response
my.hellobar.com/ 28 KB
6 KB 385ms
241ms Script
text/javascript 2606:4700:10::ac43:2be9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/9733b1e1169991b694a1ddb4dc45463acc83618f.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2be9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9c9d0684b03981293688c381d7a8064bb759f2d84bfead776e4b106a853d02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:03 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 15 Aug 2022 23:35:21 GMT
server: cloudflare
x-amz-request-id: MJ9PXRTE22JD27V8
etag: W/"fbadf79c44b23b5de627ed2770deac8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10
cf-ray: 73b96c7b6a276937-FRA
x-amz-id-2: rCqYsNOw2nRRrYmc86UUDHsXFji24bxCa2l9YxE4QZg4mx58NmoCPP6DXettf8EbNlp50cSWPHk=
cf-bgj: minify

GET
H2 200 amplitude-8.18.1-min.gz.js Show response
cdn.amplitude.com/libs/ 92 KB
25 KB 119ms
23ms Script
application/javascript 52.222.206.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-8.18.1-min.gz.js
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@amplitude/amplitude-js-gtm@2.0.2/dist/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc639c48fbda7a7d1edd028852cd024851965e1e80c9a43f460687ce92ffd991

Request headers

Referer: https://www.mandiant.com/
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 31 May 2022 18:33:31 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 6623073
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 25443
access-control-allow-origin: *
last-modified: Wed, 06 Apr 2022 01:05:30 GMT
server: AmazonS3
etag: "c3ec696faef16420de280b85d83e117f"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: II_SYzym81QVleeRt9SdBWN0SkU4nVoj
via: 1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: LzpXrOLRCc97gq-NZe95Uusdo2D3XvFBSUtG5KimzAv-6sC6EHtADg==

POST
H2 200 / Show response
api.amplitude.com/ 7 B
205 B 196ms
195ms XHR
text/html 34.211.183.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.18.1-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.211.183.198 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-211-183-198.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.mandiant.com/
Cross-Origin-Resource-Policy: cross-origin
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 16 Aug 2022 10:18:04 GMT
trace-id: Root=1-62fb6edc-6f1d52fb2bd739f57559873b
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

OPTIONS
H2 200 /
api.amplitude.com/ Frame 0
0 620ms
197ms Preflight 34.211.183.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.211.183.198 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-211-183-198.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://www.mandiant.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Tue, 16 Aug 2022 10:18:04 GMT
strict-transport-security: max-age=15768000

GET
H2 200 modules.js Show response
my.hellobar.com/ 254 KB
73 KB 36ms
36ms Script
text/javascript 2606:4700:10::ac43:2be9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/modules.js
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/9733b1e1169991b694a1ddb4dc45463acc83618f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2be9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce421051d810005d6f959f447f28f8cd0dfde122dea59fd1c8f9d91e9c4ac035

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:03 GMT
content-encoding: br
cf-cache-status: HIT
age: 5014
cf-polished: origSize=260222
x-amz-request-id: 50CFFSDGA7BKDDVH
x-amz-id-2: I/GdBnNY3haV1Fv66r/ynJ8V3c3ctUvxw1ZwYCdggvgvEsJnWgRQrewTIooqY/gqL7SiFHCije0=
last-modified: Mon, 08 Aug 2022 16:51:22 GMT
server: cloudflare
etag: W/"08f46e1dd6bacff34da2658bbfc60074"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 73b96c7d6ce96937-FRA
cf-bgj: minify

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 81ms
22ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/resources/log4shell-recommendations
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: W2S5A87EG1C89ADE
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: c9P6myFxLLD3IyZ4P2Q59GznMAh/LL0NtRLP/qzmj57pyyLc8LBRAjUQIZZNiJ5WMagYxPOHvUs=
x-served-by: cache-hhn4044-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1660645084.897428,VS0,VE0
date: Tue, 16 Aug 2022 10:18:03 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 12476

GET
H2 200 css2
fonts.googleapis.com/ Frame E191 664 B
858 B 88ms
32ms Stylesheet
text/css 2a00:1450:400e:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato

Requested by

Host: my.hellobar.com
URL: https://my.hellobar.com/modules.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 08:48:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 16 Aug 2022 10:18:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Aug 2022 10:18:03 GMT

GET
H2 200 jizjvFEHi0Cbext8m3TtUnsSGZK29FD66-hHHRSS
hi.hellobar.com/v/be8KBkb3zEPIWRCUH3t8rcsMr-_86GL6S/ 35 B
361 B 717ms
634ms Image
image/gif 2600:9000:223e:8200:1b:45dc:7080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.hellobar.com/v/be8KBkb3zEPIWRCUH3t8rcsMr-_86GL6S/jizjvFEHi0Cbext8m3TtUnsSGZK29FD66-hHHRSS?t=1660645084&v=2832d5f0-7171-48b0-ead1-0459a07d3424&f=i&s=63b21dcd5674263a82c1af336d717c343b6ff2ca7d266c7c080a4eb60322c6c0176d8dc1e1753f9e0816fec0a07effee3a6606bb17be32c76dee5da581174440
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:8200:1b:45dc:7080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:53:00 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
last-modified: Tue, 10 Apr 2018 13:15:02 GMT
server: AmazonS3
age: 31831
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Error from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 35
x-amz-cf-id: EASRJN0fEU6Cx0LS03KCR3TN7k_oXAsI6nLvLb_oK8NxotHfl0t5hQ==

GET
DATA 200
OK truncated
/ Frame E191 1 KB
1 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74d1f7e06069feded1f0c7c2c8a35b5c5194f66ff98d7b4309446effd0495728

Request headers

Referer
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame A05A 43 KB
22 KB 93ms
43ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=normal&cb=sk7nm19oyt8b

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

32bb515522669553602b21b66e5a74d58e95d351eb82cca96fef3259d2ac06b2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-twhzJEmSEBfAjWbfKbOB1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandiant.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22825
content-security-policy: script-src 'report-sample' 'nonce-twhzJEmSEBfAjWbfKbOB1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 10:18:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame E0F4 43 KB
22 KB 97ms
51ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=compact&cb=cgpfyxwb1nuh

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a273712277f42a148e31801f733b169cf4e6178b96331e7b9c0ee2fd7e8916a7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-u5267znD4Nf7b0efvVdVaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandiant.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22821
content-security-policy: script-src 'report-sample' 'nonce-u5267znD4Nf7b0efvVdVaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 10:18:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK NRJS-890ead692fb1e944fb6 Show response
bam.nr-data.net/1/ 49 B
721 B 331ms
279ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-890ead692fb1e944fb6?a=1404479750&v=1216.487a282&to=YlRVYERZV0ZSWhINX1sedldCUVZbHH0UEUBUXWtaWVxcaXBWCBBCWl1bUURkd1pXXDANVUJyWFpCSlZZX1wUSQ5DWFJD&rst=2494&ck=1&ref=https://www.mandiant.com/resources/log4shell-recommendations&ap=583&be=594&fe=2394&dc=1088&perf=%7B%22timing%22:%7B%22of%22:1660645081434,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:16,%22c%22:16,%22s%22:35,%22ce%22:59,%22rq%22:59,%22rp%22:544,%22rpe%22:547,%22dl%22:552,%22di%22:1087,%22ds%22:1088,%22de%22:1118,%22dc%22:2394,%22l%22:2394,%22le%22:2398%7D,%22navigation%22:%7B%7D%7D&fp=810&fcp=810&at=ThNWFgxDREg%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 16 Aug 2022 10:18:04 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 73b96c7efd0a9299-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
339 B 79ms
31ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X6642ZTDJ7&gtm=2oe8f0&_p=268754964&gcs=G100&cid=1310153554.1660645084&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660645083&sct=1&seg=0&dl=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Flog4shell-recommendations&dt=Log4Shell%20Initial%20Exploitation%20and%20Mitigation%20Recommendations%20%7C%20Mandiant&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 10:18:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandiant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 69ms
28ms Image
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=268754964&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Flog4shell-recommendations&ul=en-us&de=UTF-8&dt=Log4Shell%20Initial%20Exploitation%20and%20Mitigation%20Recommendations%20%7C%20Mandiant&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGAAgAABE~&cid=1310153554.1660645084&tid=UA-203244293-1&_gid=1415233128.1660645084&gtm=2wg8f0T72STLD&cg1=null&cg2=resources&cd2=Pageview&cd3=1660645083255.w8xgy9m&cd4=2022-08-16T10%3A18%3A03.256%2B00%3A00&cd5=&cd15=dec%2015%2C%202021&cd16=dec%2015%2C%202021&gcs=G100&cd1=1310153554.1660645084&z=1712735226

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 14:02:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 72918
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 68ms
27ms Image
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=268754964&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Flog4shell-recommendations&ul=en-us&de=UTF-8&dt=Log4Shell%20Initial%20Exploitation%20and%20Mitigation%20Recommendations%20%7C%20Mandiant&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=trustarc&ea=banner_served&_u=aGgAgAABE~&cid=1310153554.1660645084&tid=UA-203244293-1&_gid=385289755.1660645084&gtm=2wg8f0T72STLD&cg1=null&cg2=resources&cd3=1660645083400.5y9kzde4&cd4=2022-08-16T10%3A18%3A03.400%2B00%3A00&cd5=&cd15=dec%2015%2C%202021&cd16=dec%2015%2C%202021&gcs=G100&cd1=1310153554.1660645084&z=865311303

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 14:02:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 72918
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 67ms
27ms Image
image/gif 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=268754964&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Flog4shell-recommendations&ul=en-us&de=UTF-8&dt=Log4Shell%20Initial%20Exploitation%20and%20Mitigation%20Recommendations%20%7C%20Mandiant&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Resource%20Type&ea=null&el=null&_u=aGgAgAABE~&cid=1310153554.1660645084&tid=UA-203244293-1&_gid=58068661.1660645084&gtm=2wg8f0T72STLD&cg1=null&cg2=resources&cd3=1660645083839.3myj503b&cd4=2022-08-16T10%3A18%3A03.839%2B00%3A00&cd5=&cd15=dec%2015%2C%202021&cd16=dec%2015%2C%202021&gcs=G100&cd1=1310153554.1660645084&z=678011158

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 14:02:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 72918
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame E191 23 KB
24 KB 81ms
21ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mandiant.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 580250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Aug 2023 17:07:14 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame A05A 52 KB
24 KB 80ms
38ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=normal&cb=sk7nm19oyt8b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 09:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 09:56:04 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame A05A 386 KB
154 KB 63ms
21ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cde27396c8c483c599d4162e29f219dbad91728edacc8f91410cc818a91046b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 09:56:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157356
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 09:56:03 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame E0F4 52 KB
24 KB 47ms
23ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 09:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 09:56:04 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame E0F4 386 KB
154 KB 69ms
45ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cde27396c8c483c599d4162e29f219dbad91728edacc8f91410cc818a91046b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 09:56:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157356
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 09:56:03 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame E0F4 102 B
134 B 31ms
30ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

09e9f45fec1d72935da9e29cb86b70918771a22f1a30ab9d46a6c46ac17b8c26

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=compact&cb=cgpfyxwb1nuh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 16 Aug 2022 10:18:04 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame A05A 102 B
134 B 50ms
50ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

09e9f45fec1d72935da9e29cb86b70918771a22f1a30ab9d46a6c46ac17b8c26

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=normal&cb=sk7nm19oyt8b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 10:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 16 Aug 2022 10:18:04 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 2A4B 7 KB
1 KB 35ms
35ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0c4886bbe66e634ee47d9263969c0e1814279a19a4e49fee704c9308ddd82d03

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tySHTUmeTwUX0V5fVHQ3LQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandiant.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1115
content-security-policy: script-src 'report-sample' 'nonce-tySHTUmeTwUX0V5fVHQ3LQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 10:18:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame ABBC 7 KB
1 KB 33ms
32ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

418b7136bce7b1fa481eb340e7d8e86bbc26cc9c3fa2bdfb7423fc7a3083a011

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-m3e5Pw9E9u00Xw4C4WE9Rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mandiant.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1112
content-security-policy: script-src 'report-sample' 'nonce-m3e5Pw9E9u00Xw4C4WE9Rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 Aug 2022 10:18:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame 2A4B 52 KB
24 KB 20ms
20ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 09:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 09:56:04 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame 2A4B 386 KB
154 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cde27396c8c483c599d4162e29f219dbad91728edacc8f91410cc818a91046b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 09:56:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157356
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 09:56:03 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame ABBC 52 KB
24 KB 23ms
23ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 09:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 09:56:04 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame ABBC 386 KB
154 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cde27396c8c483c599d4162e29f219dbad91728edacc8f91410cc818a91046b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 09:56:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157356
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 09:56:03 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 68ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X6642ZTDJ7&gtm=2oe8f0&_p=268754964&gcs=G100&cid=1310153554.1660645084&ul=en-us&sr=1600x1200&_z=ccd.v9B&sid=1660645083&sct=1&seg=1&dl=https%3A%2F%2Fwww.mandiant.com%2Fresources%2Flog4shell-recommendations&dt=Log4Shell%20Initial%20Exploitation%20and%20Mitigation%20Recommendations%20%7C%20Mandiant&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mandiant.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 16 Aug 2022 10:18:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandiant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mandiant.com/	1970-01-20 05:17:26	Name: __cf_bm Value: 70jraiXrBDtP5JjKXxxkPBjZiByfYcHBi7RFpIOkY.I-1660645081-0-ASeELGal9OdbVsLG5R/pqDCWqcsIMNfWj9fMlXmj9beJxDdrHojTFQOurUlRK/MUQ4/CDWo4lm0VspRvzKuacZg=
.mandiant.com/	1970-01-20 14:03:01	Name: amp_00f43d Value: qCGy2hZNF-kCsP5QEu938g...1gaj2i2he.1gaj2i2hf.1.0.1
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 183bbc69e157aea8

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.amplitude.com
bam.nr-data.net
cdn.amplitude.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
consent.trustarc.com
fonts.googleapis.com
fonts.gstatic.com
hi.hellobar.com
js-agent.newrelic.com
my.hellobar.com
region1.google-analytics.com
static.addtoany.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.mandiant.com
13.32.121.85
151.101.2.137
162.247.241.14
2001:4860:4802:32::36
2001:4860:4802:36::178
2600:9000:223e:8200:1b:45dc:7080:93a1
2606:4700:10::ac43:2794
2606:4700:10::ac43:2be9
2606:4700:300b::a29f:f07d
2606:4700::6811:180e
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2004
2a00:1450:4001:813::2003
2a00:1450:4001:82b::2008
2a00:1450:400e:80e::200a
2a04:4e42:200::485
34.211.183.198
52.222.206.118
00c6bd032ff6549a7be00d51ddfe36cc85926512474ee1d99f32eb8390e5890a
09e9f45fec1d72935da9e29cb86b70918771a22f1a30ab9d46a6c46ac17b8c26
0b617a1a9d405a304eae1f3337639a1be619633a047ccac0a61d70cf2d2032e4
0b9c9d0684b03981293688c381d7a8064bb759f2d84bfead776e4b106a853d02
0c4886bbe66e634ee47d9263969c0e1814279a19a4e49fee704c9308ddd82d03
0d1049d86e454e70f1d3e650f3ec7dc009ebef2f7ec2e9f44b74cb290ed9e4d6
0f2e61cd1a10aebb0eae1a2f6914784a4d9be90a46b1c67700311d0f66d3e379
1bb508d41bf1d0c5d56340c7df789b6589350a5f967e1fa937bee5c148d0cb0d
1dc363660132cb70943cdf8c4a86d6f946a969b68974c9c3d0a425a90942f426
22d544d04a6282b544aa3fbc8e024e41f00902673fe34f774092c02d4e7d6712
248aa1d994b6b31b6c38f19c98e2c8c275c799c49f0a6169b8f6fb7e51d38d23
32bb515522669553602b21b66e5a74d58e95d351eb82cca96fef3259d2ac06b2
3384d17c5da5511f930e038c8d5456c177e1bdd45d61cf17987bea4a060658e8
34e89fde702aa592d82afbb8d98034150cb3a2e6bd67a922af1edd106cf87fe8
418b7136bce7b1fa481eb340e7d8e86bbc26cc9c3fa2bdfb7423fc7a3083a011
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86
5c1730bd98278b80f2e3ddb024475b1c70a7fea5648390aa34d229f5e3dd3ea9
5cde27396c8c483c599d4162e29f219dbad91728edacc8f91410cc818a91046b
5ea56ed1ed92d89dd6e8a23316891c8af7cd2150977d2e8431bd0e97c0cf5282
65782cf6d5c118e4b84e134d660d5e74d83384799c2f5df88b04963e2e795293
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b9c3158d7700a96a2fc4de59adc0c4724338c900d14b9447653c52d50df1621
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
74d1f7e06069feded1f0c7c2c8a35b5c5194f66ff98d7b4309446effd0495728
78060c93ee6a407478d39e1e16807b576ea320f5641a34d5f043c7de399a418e
794695451965e70198a70fbe569681cfa56b45dace2a0ef6c10a85f250fe7464
7b7eb2b28fbf8ad29058540ee28e8b49701e0e47351ff25d3b688fcef9b2a88a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ab83a5ddc3b0d7f10f7d165e3e334de42ad254a1a84ab89b7cfba1e3b131b6
853f77de90385806427ff0cd0ac797795adbd82c800c26381f7e55537e736587
85812e1f30e98e63c3ea17a4a7bea7cc0c26b8edef9c48d0af517fecd45210c7
860f45e645e33a50a9a34186d5c0558df4198829fe98679a4a6e1e754fca1aeb
86f758c4520ea8abe1ae7432c637b55e28246f124cc7910987b18b53fc49bd33
887dea1b760d630afcbae650e3259dc18ef1a7fe3137ab715a56005a69f921b0
8fb5773c79513b946ce84fd7a066040235e6eb5855549404f2a8bd361e3840bf
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
98d7c4fe1604e08c228b1c8756ccfed58659528670ee420520d157e3787b9f6a
9ca72eec4efadc4587d29f2216ccd9cd54309463c74a5a3029b3dca9485f995a
9ec192b1be13b5eb7d11e7c8a0f1466ef236e4ba88182bb4cec76a2c7919464e
9f41b6056bfd2eb59371fabdc40b3970f02458ee463aa92385fe214fb00aebae
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a273712277f42a148e31801f733b169cf4e6178b96331e7b9c0ee2fd7e8916a7
a6e42ae679b94a987c7b60c1eb02f96f3a94ca558b632a25e201f91fbec91f15
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b2cb383a30bee467e40ecebb49e4229b1b57efcc2c7632c921cd170a75c74d24
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
bc639c48fbda7a7d1edd028852cd024851965e1e80c9a43f460687ce92ffd991
bf204863b72594d7da599f0ad2cfb43573b91d2ef348983d8890f64ba9858d1e
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c82aa23b61483cc87f28ec6c4492a28c46dcb38bf471fd4a6ca40984ee6fb59e
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
ce421051d810005d6f959f447f28f8cd0dfde122dea59fd1c8f9d91e9c4ac035
cfbbb6a8bb9482b6bddbba133d70d9ac28fea886ede20ecdaf3110d5c70dba6c
da0d9dec187414eaac184877e362bfd09ac956b2ab490b6adbb525af80fb3d6a
dcdde07d3a5949f74a4aa24c71d6e28d3623dac44942e4e1ddbc2d051aeb83f0
dfaed587b938cc953c5008f257ed1e661e9d2e2f907bd5b520fc4b9348985a88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c4f02f1f6a5e491336064c0d0bdcd6914d5794a431a359c1f684cec8ed77f7
f08ca65f013a2179c5c78003ce4cc47978c2b8d6d2d9f6521d3b64411ecc68de
f16edf69b3b38abc839a83da5041cb4b2ed08b54017faa471b4e2da1cc8393c1
f269cafacd48c650b7c76973b7192a4593125d9b957bfa3b57a89e835ec0df1f
f576a0f509bfab085122d2e1a7a2b12f496b6df8c5b618c459728b191265ac17
fad03d5343f00671f67d8e92a6c1e243f4b45e4f7a09d11c6d170665ae52d03e
fe3bfdac05de97234a1a81c7f09c87f14708cf7bd9a341a63e68613c3c6e40d6

www.mandiant.com Open in urlscan Pro 2606:4700:300b::a29f:f07d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

77 Requests

100 %HTTPS

72 %IPv6

14 Domains

18 Subdomains

19 IPs

3 Countries

2188 kBTransfer

5209 kBSize

3 Cookies

46 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.mandiant.com Open in urlscan Pro
2606:4700:300b::a29f:f07d Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

100 %
HTTPS

72 %
IPv6

14
Domains

18
Subdomains

19
IPs

3
Countries

2188 kB
Transfer

5209 kB
Size

3
Cookies

77 HTTP transactions
1 data transactions