Submitted URL: https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/080ED932EA029BCB430FB1A921...
Effective URL: https://selling.mandiant.com/mandiant/sso.aspx
Submission: On May 04 via manual from MX — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 22 HTTP transactions. The main IP is 2606:4700:300b::a29f:f07d, located in United States and belongs to CLOUDFLARENET, US. The main domain is selling.mandiant.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 2nd 2024. Valid for: 10 months.
This is the only time selling.mandiant.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2600:9000:26e... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.147.13 16509 (AMAZON-02)
1 2606:4700:300... 13335 (CLOUDFLAR...)
6 2620:1ec:bdf::45 8075 (MICROSOFT...)
22 7
Apex Domain | Subdomains | Transfer
6 azureedge.net | azurefrontdoorpages.azureedge.net — Cisco Umbrella Rank: 668045 | 161 KB
6 bitdefender.com | lsems.gravityzone.bitdefender.com — Cisco Umbrella Rank: 961685 | 99 KB
3 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 33 | 3 KB
1 mandiant.com | selling.mandiant.com | 2 KB
1 linkscan.io | apiv3.linkscan.io — Cisco Umbrella Rank: 704203 | 764 B
1 gstatic.com | fonts.gstatic.com | 33 KB
22 6
Domain Requested by
6 azurefrontdoorpages.azureedge.net selling.mandiant.com
azurefrontdoorpages.azureedge.net
6 lsems.gravityzone.bitdefender.com lsems.gravityzone.bitdefender.com
3 fonts.googleapis.com lsems.gravityzone.bitdefender.com
1 selling.mandiant.com lsems.gravityzone.bitdefender.com
1 apiv3.linkscan.io lsems.gravityzone.bitdefender.com
1 fonts.gstatic.com fonts.googleapis.com
22 6

This site contains links to these domains.

Domain
portal.azure.com
azure.microsoft.com

Subject | Issuer | Validity | Valid
*.gravityzone.bitdefender.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-06-09 - 2024-07-09 | a year
upload.video.google.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months
linkscan.io | Amazon RSA 2048 M02 | 2023-09-08 - 2024-10-05 | a year
mandiant.com | Cloudflare Inc ECC CA-3 | 2024-03-02 - 2024-12-31 | 10 months
*.azureedge.net | Microsoft Azure RSA TLS Issuing CA 04 | 2024-04-09 - 2025-04-04 | a year

This page contains 1 frames:

Primary Page: https://selling.mandiant.com/mandiant/sso.aspx
Frame ID: 0D1A4F9E68E596799BE24DAC2B98FC42
Requests: 22 HTTP requests in this frame

Page Title

Page not found

Page URL History

  1. https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/080ED9... Page URL
  2. https://selling.mandiant.com/mandiant/sso.aspx Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

22 Requests
82 % HTTPS
83 % IPv6
6 Domains
6 Subdomains
7 IPs
2 Countries
298 kB Transfer
493 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/080ED932EA029BCB430FB1A9210276C5D4C54CDAB98BBD1DAA7C5B4F5F4FDC1F?c=3&i=1&docs=1 Page URL
  2. https://selling.mandiant.com/mandiant/sso.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
080ED932EA029BCB430FB1A9210276C5D4C54CDAB98BBD1DAA7C5B4F5F4FDC1F
lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/
3 KB
2 KB
Document
General
Full URL
https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/080ED932EA029BCB430FB1A9210276C5D4C54CDAB98BBD1DAA7C5B4F5F4FDC1F?c=3&i=1&docs=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:5a00:15:9b88:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ff61f25169c774925b94f29cc4d54e54172e7110486b2c3234196f7a16c5209

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
18931
content-encoding
br
content-type
text/html
date
Fri, 03 May 2024 23:31:43 GMT
etag
W/"c046993f8d191fb583e7cf975e919bda"
last-modified
Thu, 21 Apr 2022 08:10:29 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 2146d75cb402f16f98928cb19acf5ff6.cloudfront.net (CloudFront), 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
x-amz-cf-id
jvcz4Z4a_rkg_9Fbw-eYiGAmeFdZS5BLF5W6G3cI8bgTtz2w_7s9Ag==
x-amz-cf-pop
FRA56-P8 FRA56-P10
x-cache
Miss from cloudfront
css
fonts.googleapis.com/
5 KB
1016 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,200,300
Requested by
Host: lsems.gravityzone.bitdefender.com
URL: https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/080ED932EA029BCB430FB1A9210276C5D4C54CDAB98BBD1DAA7C5B4F5F4FDC1F?c=3&i=1&docs=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d761de25b9458cfae3a16ded661e8c92a89d191f3c9911f88ff05de5cd5ffa6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lsems.gravityzone.bitdefender.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 04 May 2024 04:47:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 04 May 2024 04:41:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 May 2024 04:47:13 GMT
css
fonts.googleapis.com/
13 KB
964 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Requested by
Host: lsems.gravityzone.bitdefender.com
URL: https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/080ED932EA029BCB430FB1A9210276C5D4C54CDAB98BBD1DAA7C5B4F5F4FDC1F?c=3&i=1&docs=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4680f0242ae53304a6bf932234579ecf1100b3473bd822857943a3e5a2e01f8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lsems.gravityzone.bitdefender.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 04 May 2024 04:47:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 04 May 2024 02:58:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 May 2024 04:47:13 GMT
css
fonts.googleapis.com/
5 KB
676 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,300,600
Requested by
Host: lsems.gravityzone.bitdefender.com
URL: https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/080ED932EA029BCB430FB1A9210276C5D4C54CDAB98BBD1DAA7C5B4F5F4FDC1F?c=3&i=1&docs=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
62be2da7636f50d9ef024b1a73e637a6c6d8b8df62a23a3eb204e92279bc49e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lsems.gravityzone.bitdefender.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 04 May 2024 04:47:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 04 May 2024 04:47:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 May 2024 04:47:13 GMT
index.css
lsems.gravityzone.bitdefender.com/
134 B
545 B
Stylesheet
General
Full URL
https://lsems.gravityzone.bitdefender.com/index.css
Requested by
Host: lsems.gravityzone.bitdefender.com
URL: https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/080ED932EA029BCB430FB1A9210276C5D4C54CDAB98BBD1DAA7C5B4F5F4FDC1F?c=3&i=1&docs=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:5a00:15:9b88:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00ecfbd7bb7685928f2a5960e1d6f12c1d06e2678a24d822633e9700667489c2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/080ED932EA029BCB430FB1A9210276C5D4C54CDAB98BBD1DAA7C5B4F5F4FDC1F?c=3&i=1&docs=1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 08:35:42 GMT
via
1.1 af3799c72ed879abb7633a4c3e57502e.cloudfront.net (CloudFront), 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
last-modified
Thu, 21 Apr 2022 08:10:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8, FRA56-P10
age
72692
etag
"6748fbbc7fb3b016e371219d605b1239"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
134
x-amz-cf-id
pYn1Y4NCL1HFeqNSCu5NNXPw5D9yfPpSRlnXVdcFoF1BFSY4QABYVw==
main.8d37bdeb.chunk.css
lsems.gravityzone.bitdefender.com/static/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://lsems.gravityzone.bitdefender.com/static/css/main.8d37bdeb.chunk.css
Requested by
Host: lsems.gravityzone.bitdefender.com
URL: https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/080ED932EA029BCB430FB1A9210276C5D4C54CDAB98BBD1DAA7C5B4F5F4FDC1F?c=3&i=1&docs=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:5a00:15:9b88:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
320b82111ef222c70547db6d4a2bedf1fd37d19ac73eee1692966481cf0ce9ad

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/080ED932EA029BCB430FB1A9210276C5D4C54CDAB98BBD1DAA7C5B4F5F4FDC1F?c=3&i=1&docs=1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 04:11:39 GMT
content-encoding
br
via
1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront), 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
last-modified
Thu, 21 Apr 2022 08:10:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11, FRA56-P10
age
2135
etag
W/"f56338d91cbb78807f69c1ca2981ea9f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
rGQ74QrQq6789kKAs3mszzsRypMuLd5RcobWX9Ni4YfpDTglFrlnwQ==
2.c382a83a.chunk.js
lsems.gravityzone.bitdefender.com/static/js/
220 KB
72 KB
Script
General
Full URL
https://lsems.gravityzone.bitdefender.com/static/js/2.c382a83a.chunk.js
Requested by
Host: lsems.gravityzone.bitdefender.com
URL: https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/080ED932EA029BCB430FB1A9210276C5D4C54CDAB98BBD1DAA7C5B4F5F4FDC1F?c=3&i=1&docs=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:5a00:15:9b88:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
510ed170ca3ac399d8954931bb867a758a1894573f3500da5ff0d7c56a61aacb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/080ED932EA029BCB430FB1A9210276C5D4C54CDAB98BBD1DAA7C5B4F5F4FDC1F?c=3&i=1&docs=1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 05:23:06 GMT
content-encoding
gzip
via
1.1 74cd4e6bd806cc7209ac94e0173f5ac8.cloudfront.net (CloudFront), 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
last-modified
Thu, 21 Apr 2022 08:10:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8, FRA56-P10
age
84248
etag
W/"96786825f3b2ae86d4fca150bf4c1e4c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
zkDFGoywkF1iggwx7q2WaWDXp6nM5qY3yQ5CpAjWNBbXYPsSDqca0Q==
main.d46a3d73.chunk.js
lsems.gravityzone.bitdefender.com/static/js/
20 KB
7 KB
Script
General
Full URL
https://lsems.gravityzone.bitdefender.com/static/js/main.d46a3d73.chunk.js
Requested by
Host: lsems.gravityzone.bitdefender.com
URL: https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/080ED932EA029BCB430FB1A9210276C5D4C54CDAB98BBD1DAA7C5B4F5F4FDC1F?c=3&i=1&docs=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:5a00:15:9b88:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f05e974f9ac00903340c88cd65b7ec9d46931ca15d323615635321c568072e9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/080ED932EA029BCB430FB1A9210276C5D4C54CDAB98BBD1DAA7C5B4F5F4FDC1F?c=3&i=1&docs=1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 04:47:14 GMT
content-encoding
gzip
via
1.1 f99e0a5708c6297d4aa91b3e4794707e.cloudfront.net (CloudFront), 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
last-modified
Thu, 21 Apr 2022 08:10:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8, FRA56-P10
etag
W/"dec4cd0ef58d03947ebebba78045c6fe"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
x-amz-cf-id
xc7gwYokJhFo_DeVY_db8r9jNvQBp0vx4T7BlFdO2XnHLXR7hDLfkA==
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://lsems.gravityzone.bitdefender.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 17:34:04 GMT
x-content-type-options
nosniff
age
385989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Apr 2025 17:34:04 GMT
080ED932EA029BCB430FB1A9210276C5D4C54CDAB98BBD1DAA7C5B4F5F4FDC1F
apiv3.linkscan.io/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/
404 B
764 B
XHR
General
Full URL
https://apiv3.linkscan.io/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/080ED932EA029BCB430FB1A9210276C5D4C54CDAB98BBD1DAA7C5B4F5F4FDC1F?i=0&docs=1&s=1
Requested by
Host: lsems.gravityzone.bitdefender.com
URL: https://lsems.gravityzone.bitdefender.com/static/js/2.c382a83a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-13.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://lsems.gravityzone.bitdefender.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 04:47:14 GMT
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-amzn-trace-id
Root=1-6635bdd1-49af70e839a02c812b8623a4
x-amzn-requestid
afe9de62-79e2-4115-98ea-f769ecb54525
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
XOqYxE5lDoEEp6Q=
content-length
404
x-amz-cf-id
H3ge0llOBSRiu5_v4CTbZhlmTebr9j68QcAou0oxGdtcnikv3grWiA==
favicon.ico
lsems.gravityzone.bitdefender.com/
17 KB
18 KB
Other
General
Full URL
https://lsems.gravityzone.bitdefender.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:5a00:15:9b88:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a1d64d4748779d6600ad3033848db32fcc84e4e870ce4e60119d54d9ba3417c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/080ED932EA029BCB430FB1A9210276C5D4C54CDAB98BBD1DAA7C5B4F5F4FDC1F?c=3&i=1&docs=1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 06:25:42 GMT
via
1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront), 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
last-modified
Thu, 21 Apr 2022 08:10:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11, FRA56-P10
age
80492
etag
"fba58480381fefa10f97bd44c76c87c7"
x-cache
Hit from cloudfront
content-type
image/vnd.microsoft.icon
accept-ranges
bytes
content-length
17542
x-amz-cf-id
XJWPne-niJ31ftRZpKm1TOS0yhLasnjCuMxetzluQtpNuKhsVfyJxw==
080ED932EA029BCB430FB1A9210276C5D4C54CDAB98BBD1DAA7C5B4F5F4FDC1F
lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/
0
0

080ED932EA029BCB430FB1A9210276C5D4C54CDAB98BBD1DAA7C5B4F5F4FDC1F
lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/
0
0

Primary Request sso.aspx
selling.mandiant.com/mandiant/
3 KB
2 KB
Document
General
Full URL
https://selling.mandiant.com/mandiant/sso.aspx
Requested by
Host: lsems.gravityzone.bitdefender.com
URL: https://lsems.gravityzone.bitdefender.com/static/js/main.d46a3d73.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf83cca7ed1a976245e4ae0bd4033b62870f0a60095b1239ca3ab93c0fab62bb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://lsems.gravityzone.bitdefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
87e5da04cd5f4dca-FRA
content-encoding
gzip
content-type
text/html
date
Sat, 04 May 2024 04:47:14 GMT
server
cloudflare
vary
Accept-Encoding
x-azure-ref
20240504T044714Z-1675f55558856wqpcftkmkfvm400000000gg00000000sp84
x-cache
CONFIG_NOCACHE
UxFxErrorCss_8097D4DBB3B4874308CB3816C1762BED98637360.css
azurefrontdoorpages.azureedge.net/pages/PageNotFound_files/
6 KB
2 KB
Stylesheet
General
Full URL
https://azurefrontdoorpages.azureedge.net/pages/PageNotFound_files/UxFxErrorCss_8097D4DBB3B4874308CB3816C1762BED98637360.css
Requested by
Host: selling.mandiant.com
URL: https://selling.mandiant.com/mandiant/sso.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f702775b4c9adc1e8fa61169a437b6f22556b44b9f2a975464e02432b547c13b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://selling.mandiant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 04 May 2024 04:47:14 GMT
content-encoding
br
last-modified
Wed, 19 Sep 2018 20:53:44 GMT
vary
Accept-Encoding
x-azure-ref
20240504T044714Z-1675f555588fd2w4rqst5bczhw00000000kg000000009pxa
content-type
text/css
x-ms-request-id
cc627239-701e-0047-24f2-9a4034000000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
UxFxStableCssWesternEuropean_6724ABFCA058F28804A76FD40AD14C9D7A6031D9.css
azurefrontdoorpages.azureedge.net/pages/PageNotFound_files/
6 KB
1 KB
Stylesheet
General
Full URL
https://azurefrontdoorpages.azureedge.net/pages/PageNotFound_files/UxFxStableCssWesternEuropean_6724ABFCA058F28804A76FD40AD14C9D7A6031D9.css
Requested by
Host: selling.mandiant.com
URL: https://selling.mandiant.com/mandiant/sso.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fb384cdeb37d9e15ff825977806172d13f5fc9d5289d07dc81c5407c08b82f2b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://selling.mandiant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 04 May 2024 04:47:14 GMT
content-encoding
br
last-modified
Wed, 19 Sep 2018 19:33:12 GMT
vary
Accept-Encoding
x-azure-ref
20240504T044714Z-1675f555588fd2w4rqst5bczhw00000000kg000000009px9
content-type
text/css
x-ms-request-id
e0a54f77-301e-0034-3e65-9d18a7000000
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
chevron.svg
azurefrontdoorpages.azureedge.net/pages/PageNotFound_files/
332 B
672 B
Image
General
Full URL
https://azurefrontdoorpages.azureedge.net/pages/PageNotFound_files/chevron.svg
Requested by
Host: selling.mandiant.com
URL: https://selling.mandiant.com/mandiant/sso.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eb5dd3bb4bbc52bc91facfcc42e6c6f0f82e0fe9109693f3958ca6c16aa32f11

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://selling.mandiant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 04 May 2024 04:47:14 GMT
last-modified
Wed, 19 Sep 2018 19:32:49 GMT
etag
0x8D61E66AF6CC3EB
x-azure-ref
20240504T044714Z-1675f555588fd2w4rqst5bczhw00000000kg000000009pxb
x-cache
TCP_HIT
content-type
image/svg+xml
x-ms-request-id
d392b7b3-301e-001b-7f9e-9d156c000000
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
x-cache-info
L1_T2
accept-ranges
bytes
content-length
332
cloud_drop.svg
azurefrontdoorpages.azureedge.net/pages/PageNotFound_files/
837 B
1 KB
Image
General
Full URL
https://azurefrontdoorpages.azureedge.net/pages/PageNotFound_files/cloud_drop.svg
Requested by
Host: selling.mandiant.com
URL: https://selling.mandiant.com/mandiant/sso.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b14cb354af6de250cc71c032a897a9f75ec2e5d3a6bff64d7002cae7a2bcb920

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://selling.mandiant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 04 May 2024 04:47:14 GMT
last-modified
Wed, 19 Sep 2018 19:33:12 GMT
etag
0x8D61E66BCD38D4A
x-azure-ref
20240504T044714Z-1675f555588fd2w4rqst5bczhw00000000kg000000009pxc
x-cache
TCP_HIT
content-type
image/svg+xml
x-ms-request-id
010f96ae-401e-0073-68aa-9d73fc000000
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
x-cache-info
L1_T2
accept-ranges
bytes
content-length
837
ErrorBackground.png
azurefrontdoorpages.azureedge.net/pages/PageNotFound_files/
124 KB
125 KB
Image
General
Full URL
https://azurefrontdoorpages.azureedge.net/pages/PageNotFound_files/ErrorBackground.png
Requested by
Host: azurefrontdoorpages.azureedge.net
URL: https://azurefrontdoorpages.azureedge.net/pages/PageNotFound_files/UxFxErrorCss_8097D4DBB3B4874308CB3816C1762BED98637360.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a6cbaa934a88444e751973109c0675982883a2768656fb17a292f2f557e5a96c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://azurefrontdoorpages.azureedge.net/pages/PageNotFound_files/UxFxErrorCss_8097D4DBB3B4874308CB3816C1762BED98637360.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 04 May 2024 04:47:14 GMT
last-modified
Wed, 19 Sep 2018 19:33:12 GMT
etag
0x8D61E66BD28030D
x-azure-ref
20240504T044714Z-1675f555588fd2w4rqst5bczhw00000000kg000000009pxe
x-cache
TCP_HIT
content-type
image/png
x-ms-request-id
4e209fe4-e01e-0045-6f86-9dfe8c000000
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
x-cache-info
L1_T2
accept-ranges
bytes
content-length
127360
latest.woff
azurefrontdoorpages.azureedge.net/pages/fonts/segoe-ui/west-european/normal/
0
0

latest.ttf
azurefrontdoorpages.azureedge.net/pages/fonts/segoe-ui/west-european/normal/
0
0

favicon.ico
azurefrontdoorpages.azureedge.net/pages/PageNotFound_files/
31 KB
32 KB
Other
General
Full URL
https://azurefrontdoorpages.azureedge.net/pages/PageNotFound_files/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f1d6468dd8edc0f77ff9070408914b70791b0d594e496abcd16256d73712db86

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://selling.mandiant.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 04 May 2024 04:47:15 GMT
last-modified
Wed, 19 Sep 2018 19:33:12 GMT
etag
0x8D61E66BCDCDE4E
x-azure-ref
20240504T044715Z-1675f555588fd2w4rqst5bczhw00000000kg000000009py0
x-cache
TCP_HIT
content-type
image/x-icon
x-ms-request-id
29ad25fa-d01e-0013-06ff-9b0f63000000
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
accept-ranges
bytes
content-length
32038

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lsems.gravityzone.bitdefender.com
URL
https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/080ED932EA029BCB430FB1A9210276C5D4C54CDAB98BBD1DAA7C5B4F5F4FDC1F?c=3&i=1&docs=1
Domain
lsems.gravityzone.bitdefender.com
URL
https://lsems.gravityzone.bitdefender.com/scan/aHR0cHM6Ly9zZWxsaW5nLm1hbmRpYW50LmNvbS9tYW5kaWFudC9zc28uYXNweA==/080ED932EA029BCB430FB1A9210276C5D4C54CDAB98BBD1DAA7C5B4F5F4FDC1F?c=3&i=1&docs=1
Domain
azurefrontdoorpages.azureedge.net
URL
https://azurefrontdoorpages.azureedge.net/pages/fonts/segoe-ui/west-european/normal/latest.woff
Domain
azurefrontdoorpages.azureedge.net
URL
https://azurefrontdoorpages.azureedge.net/pages/fonts/segoe-ui/west-european/normal/latest.ttf

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
.mandiant.com/ Name: __cf_bm
Value: ZXvBGQwKhkflpSwQrKEhOWB6MF9_ijk0H.GFk39mSNs-1714798034-1.0.1.1-VeGhQpclE.iXWJccpj1Z9pJahaSRdAjd_1GrylQxYuKpxmaiZN4MuKxq2.IIrbMoudofofIJWlPogVkeU5q25A
.mandiant.com/ Name: _cfuvid
Value: dIOBx8ZOgk3ItsxL9mwjHs1gch0OciqaR14Uzf0.1iI-1714798034736-0.0.1.1-604800000

5 Console Messages

Source Level URL
Text
network error URL: https://selling.mandiant.com/mandiant/sso.aspx
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://selling.mandiant.com/mandiant/sso.aspx
Message:
Access to font at 'https://azurefrontdoorpages.azureedge.net/pages/fonts/segoe-ui/west-european/normal/latest.woff' from origin 'https://selling.mandiant.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://azurefrontdoorpages.azureedge.net/pages/fonts/segoe-ui/west-european/normal/latest.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://selling.mandiant.com/mandiant/sso.aspx
Message:
Access to font at 'https://azurefrontdoorpages.azureedge.net/pages/fonts/segoe-ui/west-european/normal/latest.ttf' from origin 'https://selling.mandiant.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://azurefrontdoorpages.azureedge.net/pages/fonts/segoe-ui/west-european/normal/latest.ttf
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
