Submitted URL: https://pages.mandiant.com/NTY1LVBFSS05NTIAAAGE3KJdXj_j20semVTl_kzORCaEYZLusXVv0pTlmdiVjbOt0ONslu0v0bUc0AjwlP0GgBOr4WY=
Effective URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6...
Submission: On June 07 via api from CH — Scanned from DE

Summary

This website contacted 21 IPs in 3 countries across 15 domains to perform 104 HTTP transactions. The main IP is 2606:4700:300b::a29f:f07d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mandiant.com. The Cisco Umbrella rank of the primary domain is 410066.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 3rd 2022. Valid for: a year.
This is the only time www.mandiant.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.17.71.206 13335 (CLOUDFLAR...)
35 2606:4700:300... 13335 (CLOUDFLAR...)
1 2606:4700:300... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 104.17.74.206 13335 (CLOUDFLAR...)
12 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
5 13.225.77.107 16509 (AMAZON-02)
16 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 18.66.242.6 16509 (AMAZON-02)
4 44.235.111.192 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
1 151.101.66.137 54113 (FASTLY)
1 162.247.241.14 23467 (NEWRELIC-...)
104 21
Apex Domain
Subdomains
Transfer
43 mandiant.com
pages.mandiant.com
www.mandiant.com — Cisco Umbrella Rank: 410066
www2.mandiant.com
997 KB
19 gstatic.com
www.gstatic.com
fonts.gstatic.com
1 MB
12 google.com
www.google.com — Cisco Umbrella Rank: 2
95 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
5 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 2592
api.amplitude.com — Cisco Umbrella Rank: 1305
26 KB
5 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 2776
27 KB
3 hellobar.com
my.hellobar.com — Cisco Umbrella Rank: 15495
hi.hellobar.com — Cisco Umbrella Rank: 41358
79 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
166 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 42
1 KB
2 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 3910
26 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 582
711 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 347
14 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 419
2 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 206
5 KB
1 fireeye.com
www.fireeye.com — Cisco Umbrella Rank: 240980
1019 B
104 15
Domain Requested by
35 www.mandiant.com pages.mandiant.com
www.mandiant.com
16 www.gstatic.com www.google.com
www.gstatic.com
12 www.google.com www.mandiant.com
www.gstatic.com
www.google.com
7 www2.mandiant.com www.mandiant.com
www2.mandiant.com
6 www.google-analytics.com www.googletagmanager.com
www.mandiant.com
5 consent.trustarc.com www.mandiant.com
4 api.amplitude.com cdn.amplitude.com
3 fonts.gstatic.com fonts.googleapis.com
www.google.com
2 my.hellobar.com www.googletagmanager.com
my.hellobar.com
2 www.googletagmanager.com www.mandiant.com
www.googletagmanager.com
2 fonts.googleapis.com consent.trustarc.com
my.hellobar.com
2 static.addtoany.com www.mandiant.com
static.addtoany.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.mandiant.com
1 hi.hellobar.com www.mandiant.com
1 cdn.amplitude.com cdn.jsdelivr.net
1 cdn.jsdelivr.net www.googletagmanager.com
1 cdnjs.cloudflare.com www.mandiant.com
1 www.fireeye.com www.mandiant.com
1 pages.mandiant.com
104 20
Subject Issuer Validity Valid
pages.mandiant.com
Cloudflare Inc ECC CA-3
2022-01-13 -
2023-01-12
a year crt.sh
mandiant.com
Cloudflare Inc ECC CA-3
2022-05-03 -
2023-05-02
a year crt.sh
fireeye.com
Cloudflare Inc ECC CA-3
2022-06-01 -
2023-06-01
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-09-21 -
2022-09-20
a year crt.sh
www2.mandiant.com
Cloudflare Inc ECC CA-3
2022-01-13 -
2023-01-12
a year crt.sh
www.google.com
GTS CA 1C3
2022-05-09 -
2022-08-01
3 months crt.sh
*.trustarc.com
Go Daddy Secure Certificate Authority - G2
2020-05-21 -
2022-07-17
2 years crt.sh
*.gstatic.com
GTS CA 1C3
2022-05-25 -
2022-08-17
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-05-09 -
2022-08-01
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-05-09 -
2022-08-01
3 months crt.sh
cdn.amplitude.com
Amazon
2021-12-17 -
2023-01-14
a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA
2022-01-28 -
2023-02-28
a year crt.sh
*.hellobar.com
Amazon
2021-11-15 -
2022-12-13
a year crt.sh
*.google.com
GTS CA 1C3
2022-05-09 -
2022-08-01
3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021
2021-10-06 -
2022-11-07
a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2022-01-10 -
2023-02-10
a year crt.sh

This page contains 11 frames:

Primary Page: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Frame ID: 8ED8F75FC8122E078494A37A4A2D4360
Requests: 69 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: D6F24EBEE426DA7AC5898E8E3AFD5351
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 4EF8EC48B6824F9CA7D17DD41EF035A0
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=normal&cb=j4k1ggbd09a1
Frame ID: 73E472B76AE637FDDAD053FAF82E5E15
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=compact&cb=r87jzdsojb5e
Frame ID: 18B27ABD28AB31114F41E7BCB1894744
Requests: 4 HTTP requests in this frame

Frame: https://www2.mandiant.com/index.php/form/XDFrame
Frame ID: DE3EAC636C26E5297B7CB4AD0CF207D6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=normal&cb=j4k1ggbd09a1
Frame ID: 21A5FBFE96014E62939754E6DB410428
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=compact&cb=r87jzdsojb5e
Frame ID: 67B1E46259EF07772D23B2494B1AC186
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Frame ID: F6DC64D630BD0C9F2DB168EAF77037AB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Frame ID: 44816E9B918F1ADEB0476FD504BC4E71
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Frame ID: 5C72EC1CC4F20BA50810540C869E3731
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Incident Response Services | Incident & Security Breach Support

Page URL History Show full URLs

  1. https://pages.mandiant.com/NTY1LVBFSS05NTIAAAGE3KJdXj_j20semVTl_kzORCaEYZLusXVv0pTlmdiVjbOt0ONslu0v0bUc... Page URL
  2. https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc/designs/

Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • <link[^>]+recaptcha
  • /recaptcha/api\.js

Page Statistics

104
Requests

100 %
HTTPS

65 %
IPv6

15
Domains

20
Subdomains

21
IPs

3
Countries

2836 kB
Transfer

6834 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pages.mandiant.com/NTY1LVBFSS05NTIAAAGE3KJdXj_j20semVTl_kzORCaEYZLusXVv0pTlmdiVjbOt0ONslu0v0bUc0AjwlP0GgBOr4WY= Page URL
  2. https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

104 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
NTY1LVBFSS05NTIAAAGE3KJdXj_j20semVTl_kzORCaEYZLusXVv0pTlmdiVjbOt0ONslu0v0bUc0AjwlP0GgBOr4WY=
pages.mandiant.com/
526 B
1 KB
Document
General
Full URL
https://pages.mandiant.com/NTY1LVBFSS05NTIAAAGE3KJdXj_j20semVTl_kzORCaEYZLusXVv0pTlmdiVjbOt0ONslu0v0bUc0AjwlP0GgBOr4WY=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-KIYHOLqjviuob5+QroremNnoDov7p9mvf+Rhb+L6ttk=';object-src 'none';form-action 'none';frame-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-cache, no-store, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7179ca93af26049b-CDG
content-encoding
gzip
content-security-policy
default-src 'self'; img-src 'self';script-src 'self' 'sha256-KIYHOLqjviuob5+QroremNnoDov7p9mvf+Rhb+L6ttk=';object-src 'none';form-action 'none';frame-src 'none'
content-type
text/html
date
Tue, 07 Jun 2022 13:39:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
strict-origin
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
Primary Request report-incident
www.mandiant.com/
89 KB
19 KB
Document
General
Full URL
https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Requested by
Host: pages.mandiant.com
URL: https://pages.mandiant.com/NTY1LVBFSS05NTIAAAGE3KJdXj_j20semVTl_kzORCaEYZLusXVv0pTlmdiVjbOt0ONslu0v0bUc0AjwlP0GgBOr4WY=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a1c0551e1f4989f1a37e43392dcc93c8aea98511ebbb0886621b964ac062eb7
Security Headers
Name Value
Content-Security-Policy report-uri /report-csp-violation
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pages.mandiant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=2764800, public
cf-cache-status
DYNAMIC
cf-ray
7179ca966f805caa-FRA
content-encoding
gzip
content-language
en
content-security-policy
report-uri /report-csp-violation
content-type
text/html; charset=UTF-8
date
Tue, 07 Jun 2022 13:39:01 GMT
etag
"1654609140"
expect-ct
max-age=86400
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Tue, 07 Jun 2022 13:39:00 GMT
link
<https://www.mandiant.com/report-incident>; rel="canonical" <https://www.mandiant.com/report-incident>; rel="alternate"; hreflang="en" <https://www.mandiant.fr/report-incident>; rel="alternate"; hreflang="fr" <https://www.mandiant.de/report-incident>; rel="alternate"; hreflang="de" <https://www.mandiant.jp/report-incident>; rel="alternate"; hreflang="ja" <https://www.mandiant.kr/report-incident>; rel="alternate"; hreflang="ko" <https://www.mandiant.es/report-incident>; rel="alternate"; hreflang="es"
permissions-policy
interest-cohort=()
referrer-policy
strict-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Cookie,Accept-Encoding
via
varnish
x-ah-environment
prod
x-cache
MISS
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
v-3029ea16-e667-11ec-9f13-5bffdb4e23d7
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
google_tag.script.js
www.mandiant.com/sites/default/files/google_tag/google_tag_manager/
348 B
427 B
Script
General
Full URL
https://www.mandiant.com/sites/default/files/google_tag/google_tag_manager/google_tag.script.js?rd2elq
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b7eb2b28fbf8ad29058540ee28e8b49701e0e47351ff25d3b688fcef9b2a88a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
74892
x-cache
HIT
x-cache-hits
47
x-ah-environment
prod
content-length
280
x-request-id
v-40f45296-e5b8-11ec-8f14-8363b948bae7
last-modified
Mon, 06 Jun 2022 16:46:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
via
varnish
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
7179ca9dde8f5caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
css_G5YARZu17GSUDC0nIIv0-f_93oapmxyzwNErH_f7i6E.css
www.mandiant.com/sites/default/files/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://www.mandiant.com/sites/default/files/css/css_G5YARZu17GSUDC0nIIv0-f_93oapmxyzwNErH_f7i6E.css
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b9600459bb5ec64940c2d27208bf4f9fffdde86a99b1cb3c0d12b1ff7fb8ba1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
366914
x-cache
HIT
x-cache-hits
27
x-ah-environment
prod
content-length
2495
x-request-id
v-57305c6a-e2b3-11ec-818f-3fdf5f8b7a6c
last-modified
Mon, 23 May 2022 16:33:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
via
varnish
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
7179ca9dde925caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
clientlibs_recaptcha.min.css
www.fireeye.com/etc/designs/fireeye-www/
649 B
1019 B
Stylesheet
General
Full URL
https://www.fireeye.com/etc/designs/fireeye-www/clientlibs_recaptcha.min.css
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f67d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee33831b0f69f4fd2300024df8f2488a4a7a4093cfcc5e28062e128308478f9
Security Headers
Name Value
Content-Security-Policy worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://content.fireeye.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest1
date
Tue, 07 Jun 2022 13:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
5105
x-vhost
publish
vary
Accept-Encoding,User-Agent
content-length
373
x-xss-protection
1; mode=block
last-modified
Mon, 06 Jun 2022 15:44:35 GMT
server
cloudflare
x-frame-options
ALLOW-FROM https://content.fireeye.com
etag
"289-5e0c959530ab5-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
public, max-age=14400
content-security-policy
worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
accept-ranges
bytes
cf-ray
7179ca9e0e886939-FRA
expires
Tue, 07 Jun 2022 17:39:01 GMT
css_BQ4zkU-VhaFMstlz-yar6r9ZKv19rYwFGRkEflhZZqs.css
www.mandiant.com/sites/default/files/css/
1 KB
589 B
Stylesheet
General
Full URL
https://www.mandiant.com/sites/default/files/css/css_BQ4zkU-VhaFMstlz-yar6r9ZKv19rYwFGRkEflhZZqs.css
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
050e33914f9585a14cb2d973fb26abeabf592afd7dad8c051919047e585966ab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
944995
x-cache
HIT
x-cache-hits
209
x-ah-environment
prod
content-length
313
x-request-id
v-aba4cb88-d583-11ec-9336-d7f3275320bb
last-modified
Thu, 28 Apr 2022 07:11:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
via
varnish
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
7179ca9dde955caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/
23 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4716986
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4364
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-5cbb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rqo9W0kvUHbPHROU0BFKocxbgxxvUY3JRMpMpIHIC2pyKAsRgLi3RwnjZegX4885OVeVdHX07A5oAK0M%2F93bvtudVnE7JKgWVGHWGFNi31X60Up38LCGyoBqYMmOntK9C3frmE8sNlXJbVeP4BrL5Nla"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7179ca9e19e12397-ZRH
expires
Sun, 28 May 2023 13:39:01 GMT
css_GAicnP3bYJUEFa6ZPlbx0Cf9Uz7etRie94Rc-zPmnxI.css
www.mandiant.com/sites/default/files/css/
143 KB
21 KB
Stylesheet
General
Full URL
https://www.mandiant.com/sites/default/files/css/css_GAicnP3bYJUEFa6ZPlbx0Cf9Uz7etRie94Rc-zPmnxI.css
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18089c9cfddb60950415ae993e56f1d027fd533edeb5189ef7845cfb33e69f12
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
471026
x-cache
HIT
x-cache-hits
40
x-ah-environment
prod
content-length
21738
x-request-id
v-3b644dec-e08e-11ec-b7cd-df7279997075
last-modified
Thu, 19 May 2022 14:04:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
via
varnish
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
7179ca9dde995caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
www.mandiant.com/sites/default/files/css/
373 KB
43 KB
Stylesheet
General
Full URL
https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
591351e463f0301f521107ed18926e616ea21f483c113865373e9527470e71e0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
75133
x-cache
HIT
x-cache-hits
11
x-ah-environment
prod
content-length
43448
x-request-id
v-34cff51a-e5b8-11ec-98ab-1f0d1afefda9
last-modified
Mon, 06 Jun 2022 16:46:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
via
varnish
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
7179ca9dde9b5caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
mndt-gen-tall-bg.jpg
www.mandiant.com/sites/default/files/2021-09/
6 KB
6 KB
Image
General
Full URL
https://www.mandiant.com/sites/default/files/2021-09/mndt-gen-tall-bg.jpg
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
185fd25b606e486fb8bec09f4a0f2e58bce5d9b140d4c6c19637758373d0cb05
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
106231
x-cache
HIT
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits
117
x-ah-environment
prod
content-length
5790
x-request-id
v-22f1b87c-e088-11ec-880f-ff91ca76aab1
cf-bgj
h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
7179ca9e7fa95caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
forms2.min.js
www2.mandiant.com/js/forms2/js/
205 KB
68 KB
Script
General
Full URL
https://www2.mandiant.com/js/forms2/js/forms2.min.js
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 03 May 2022 03:46:42 GMT
server
cloudflare
age
3599
etag
"2d803a5-3326e-5de135b5b2c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
7179ca9f2be69259-FRA
expires
Tue, 07 Jun 2022 17:39:01 GMT
js_Y5nsztGvkDen52zdc5F3uPKrFl2vLnDXDfy-otA1RKg.js
www.mandiant.com/sites/default/files/js/
102 KB
35 KB
Script
General
Full URL
https://www.mandiant.com/sites/default/files/js/js_Y5nsztGvkDen52zdc5F3uPKrFl2vLnDXDfy-otA1RKg.js
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6399ecced1af9037a7e76cdd739177b8f2ab165daf2e70d70dfcbea2d03544a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
422804
x-cache
HIT
x-cache-hits
14
x-ah-environment
prod
content-length
35245
x-request-id
v-810f1808-d577-11ec-86ab-136a8cfcda16
last-modified
Mon, 09 May 2022 10:05:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
via
varnish
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
7179ca9e7fa25caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
api.js
www.google.com/recaptcha/
910 B
993 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b03e22cd46df6548a01dd0efd4d0f482fdd748ac1c723a2ef96a418d3412ee7d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
580
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 13:39:01 GMT
page.js
static.addtoany.com/menu/
72 KB
26 KB
Script
General
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
age
100089
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 01 Dec 2021 08:23:25 GMT
server
cloudflare
etag
W/"11ee2-5d2116348919c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=172800
cf-ray
7179ca9ebc038fef-FRA
cf-bgj
minify
js_-gj7ptNS1G_G8LxsiBmEzL6LpSHTe9WEYSbU7DXJMl0.js
www.mandiant.com/sites/default/files/js/
230 KB
68 KB
Script
General
Full URL
https://www.mandiant.com/sites/default/files/js/js_-gj7ptNS1G_G8LxsiBmEzL6LpSHTe9WEYSbU7DXJMl0.js
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa08fba6d352d46fc6f0bc6c881984ccbe8ba521d37bd5846126d4ec35c9325d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
336663
x-cache
HIT
x-cache-hits
49
x-ah-environment
prod
content-length
69549
x-request-id
v-622ae51a-e356-11ec-aeac-4745646cc3cb
last-modified
Fri, 03 Jun 2022 16:01:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
via
varnish
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
7179ca9e7fa85caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
eb5srz
consent.trustarc.com/v2/notice/
71 KB
21 KB
Script
General
Full URL
https://consent.trustarc.com/v2/notice/eb5srz
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-107.fra2.r.cloudfront.net
Software
openresty/1.15.8.2 /
Resource Hash
a25103a0414377844f9593cc667dde055393d507762264c8954bbbee3b8c3530
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
server
openresty/1.15.8.2
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-amz-cf-id
HgNbduJCtpWmCe6ZhBbfarKY7mNEkgOsvk6ETPUy-vOF2fbEei9hQQ==
fontloader.built.js
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/
7 KB
2 KB
Script
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/fontloader.built.js
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b617a1a9d405a304eae1f3337639a1be619633a047ccac0a61d70cf2d2032e4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
98277
x-cache
HIT
x-cache-hits
59
x-ah-environment
prod
content-length
2334
x-request-id
v-f91bd6ba-9fe9-11ec-9201-fbace669d786
last-modified
Wed, 09 Mar 2022 18:16:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
via
varnish
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
7179ca9e7faa5caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
menu-drop-down.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/
207 B
385 B
Image
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/menu-drop-down.svg
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3c4f02f1f6a5e491336064c0d0bdcd6914d5794a431a359c1f684cec8ed77f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
65127
x-cache
HIT
x-cache-hits
27
x-ah-environment
prod
content-encoding
gzip
x-request-id
v-dc097da2-b9ca-11ec-9324-d7c8a02897d4
last-modified
Mon, 11 Apr 2022 19:08:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1209600
cf-ray
7179ca9ea80a5caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
see-what.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/
740 B
475 B
Image
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/see-what.svg
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22d544d04a6282b544aa3fbc8e024e41f00902673fe34f774092c02d4e7d6712
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
59452
x-cache
HIT
x-cache-hits
37
x-ah-environment
prod
content-encoding
gzip
x-request-id
v-2c406f2e-b9cb-11ec-9f58-2ff3b2a3ba46
last-modified
Mon, 11 Apr 2022 19:08:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1209600
cf-ray
7179ca9ea8195caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
incident-response.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/
777 B
501 B
Image
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/incident-response.svg
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
860f45e645e33a50a9a34186d5c0558df4198829fe98679a4a6e1e754fca1aeb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
59452
x-cache
HIT
x-cache-hits
46
x-ah-environment
prod
content-encoding
gzip
x-request-id
v-d1d8292a-bd9c-11ec-a5b4-9b21e0468049
last-modified
Mon, 11 Apr 2022 19:08:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1209600
cf-ray
7179ca9ea81c5caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
incident.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/
1023 B
568 B
Image
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/incident.svg
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d1049d86e454e70f1d3e650f3ec7dc009ebef2f7ec2e9f44b74cb290ed9e4d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
98277
x-cache
HIT
x-cache-hits
22
x-ah-environment
prod
content-encoding
gzip
x-request-id
v-8700fb64-9409-11ec-865b-874f1a2e648b
last-modified
Thu, 03 Feb 2022 17:26:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1209600
cf-ray
7179ca9ea81d5caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
contact-sales.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/
613 B
498 B
Image
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/contact-sales.svg
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
887dea1b760d630afcbae650e3259dc18ef1a7fe3137ab715a56005a69f921b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
59452
x-cache
HIT
x-cache-hits
53
x-ah-environment
prod
content-encoding
gzip
x-request-id
v-d1d4f7b4-bd9c-11ec-bfbb-1b89a9c65fe6
last-modified
Mon, 11 Apr 2022 19:08:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1209600
cf-ray
7179ca9ea81e5caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
contact.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/
716 B
614 B
Image
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/contact.svg
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ca72eec4efadc4587d29f2216ccd9cd54309463c74a5a3029b3dca9485f995a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
98277
x-cache
HIT
x-cache-hits
19
x-ah-environment
prod
content-encoding
gzip
x-request-id
v-870927da-9409-11ec-9507-c3cc6aed761f
last-modified
Thu, 03 Feb 2022 17:26:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1209600
cf-ray
7179ca9ea81f5caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
support.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/
4 KB
2 KB
Image
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/support.svg
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c82aa23b61483cc87f28ec6c4492a28c46dcb38bf471fd4a6ca40984ee6fb59e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
1020205
x-cache
HIT
x-cache-hits
18
x-ah-environment
prod
content-encoding
gzip
x-request-id
v-74457df4-8f8d-11ec-88bc-cbed12305f5a
last-modified
Thu, 03 Feb 2022 17:26:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1209600
cf-ray
7179ca9ea8225caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
sign-in.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/
630 B
438 B
Image
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/sign-in.svg
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf204863b72594d7da599f0ad2cfb43573b91d2ef348983d8890f64ba9858d1e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
59452
x-cache
HIT
x-cache-hits
24
x-ah-environment
prod
content-encoding
gzip
x-request-id
v-2c40a822-b9cb-11ec-a0e0-2fed00848533
last-modified
Mon, 11 Apr 2022 19:08:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1209600
cf-ray
7179ca9ea8235caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
menu-arrow-white.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/
752 B
441 B
Image
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/menu-arrow-white.svg
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f41b6056bfd2eb59371fabdc40b3970f02458ee463aa92385fe214fb00aebae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
59452
x-cache
HIT
x-cache-hits
68
x-ah-environment
prod
content-encoding
gzip
x-request-id
v-d1d67b8e-bd9c-11ec-bf09-ef036d0ca4b7
last-modified
Mon, 11 Apr 2022 19:08:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1209600
cf-ray
7179ca9ea8245caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
advantage-arrow.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/
203 B
274 B
Image
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/advantage-arrow.svg
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f16edf69b3b38abc839a83da5041cb4b2ed08b54017faa471b4e2da1cc8393c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
428096
x-cache
HIT
x-cache-hits
2
x-ah-environment
prod
content-encoding
gzip
x-request-id
v-c012a092-aaf7-11ec-84b7-670d1f0629fd
last-modified
Thu, 03 Feb 2022 17:26:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1209600
cf-ray
7179ca9ea8255caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
MaterialIcons-Outlined.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/material-icons/
148 KB
148 KB
Font
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/material-icons/MaterialIcons-Outlined.woff2
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b9c3158d7700a96a2fc4de59adc0c4724338c900d14b9447653c52d50df1621
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Origin
https://www.mandiant.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
66259
x-cache
HIT
x-cache-hits
120
x-ah-environment
prod
content-length
151244
x-request-id
v-4b8b4d74-bd5c-11ec-af68-7f592ecdd231
last-modified
Mon, 11 Apr 2022 19:08:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
7179ca9eb82a5caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
Barlow-Regular.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/
55 KB
55 KB
Font
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Regular.woff2
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f269cafacd48c650b7c76973b7192a4593125d9b957bfa3b57a89e835ec0df1f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Origin
https://www.mandiant.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
1008647
x-cache
MISS
x-ah-environment
prod
content-length
56020
x-request-id
v-5ffea658-852f-11ec-bfb9-a3c5761841d1
last-modified
Wed, 02 Feb 2022 10:21:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
7179ca9ed8725caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
PTMono-Regular.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/mono/
71 KB
71 KB
Font
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/mono/PTMono-Regular.woff2
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfaed587b938cc953c5008f257ed1e661e9d2e2f907bd5b520fc4b9348985a88
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Origin
https://www.mandiant.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
379832
x-cache
HIT
x-cache-hits
80
x-ah-environment
prod
content-length
72380
x-request-id
v-51583b4e-aae3-11ec-b911-87939b0c8a84
last-modified
Wed, 02 Feb 2022 10:21:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
7179ca9ed8755caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
Barlow-Bold.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/
56 KB
56 KB
Font
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Bold.woff2
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ec192b1be13b5eb7d11e7c8a0f1466ef236e4ba88182bb4cec76a2c7919464e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Origin
https://www.mandiant.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
405689
x-cache
HIT
x-cache-hits
50
x-ah-environment
prod
content-length
57572
x-request-id
v-86adaef0-9409-11ec-b165-3b27d8be16ab
last-modified
Wed, 02 Feb 2022 10:21:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
7179ca9f49335caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
Barlow-SemiBold.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/
56 KB
57 KB
Font
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-SemiBold.woff2
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bb508d41bf1d0c5d56340c7df789b6589350a5f967e1fa937bee5c148d0cb0d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Origin
https://www.mandiant.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
405689
x-cache
HIT
x-cache-hits
52
x-ah-environment
prod
content-length
57764
x-request-id
v-3928b072-894f-11ec-8e00-6b6a29e9ac61
last-modified
Wed, 02 Feb 2022 10:21:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
7179ca9f49365caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
Barlow-Medium.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/
55 KB
55 KB
Font
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Medium.woff2
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe3bfdac05de97234a1a81c7f09c87f14708cf7bd9a341a63e68613c3c6e40d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Origin
https://www.mandiant.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
371142
x-cache
HIT
x-cache-hits
56
x-ah-environment
prod
content-length
55968
x-request-id
v-9e47b6b8-b6b0-11ec-9718-e3ef8598e229
last-modified
Wed, 02 Feb 2022 10:21:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
7179ca9f49385caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
getForm
www2.mandiant.com/index.php/form/
26 KB
6 KB
Script
General
Full URL
https://www2.mandiant.com/index.php/form/getForm?munchkinId=565-PEI-952&form=1015&url=https%3A%2F%2Fwww.mandiant.com%2Freport-incident&callback=jQuery1124040749373627939556_1654609141781&_=1654609141782
Requested by
Host: www2.mandiant.com
URL: https://www2.mandiant.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee71a259a1f585d953d5c8d2ae623789758e89936d27075c583b9071fa09dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:02 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cf-ray
7179caa07e7c9259-FRA
cached
true
974.bundle.js
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/
11 KB
3 KB
Script
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/974.bundle.js?6fa3d5
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_-gj7ptNS1G_G8LxsiBmEzL6LpSHTe9WEYSbU7DXJMl0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98d7c4fe1604e08c228b1c8756ccfed58659528670ee420520d157e3787b9f6a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1200797
x-cache
HIT
x-cache-hits
14
x-ah-environment
prod
content-length
3374
x-request-id
v-6e037e90-d07a-11ec-9af4-6f1cf76df6ea
last-modified
Tue, 10 May 2022 16:00:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
via
varnish
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
7179caa0abea5caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
416.bundle.js
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/
3 KB
1 KB
Script
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/416.bundle.js?d218d8
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_-gj7ptNS1G_G8LxsiBmEzL6LpSHTe9WEYSbU7DXJMl0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65782cf6d5c118e4b84e134d660d5e74d83384799c2f5df88b04963e2e795293
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
66022
x-cache
HIT
x-cache-hits
46
x-ah-environment
prod
content-length
1287
x-request-id
v-5dec8fa0-beb5-11ec-bc68-ebe8160b0a12
last-modified
Mon, 11 Apr 2022 19:08:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
via
varnish
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
7179caa0abee5caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
404.bundle.js
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/
406 B
387 B
Script
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/404.bundle.js?2c5f80
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_-gj7ptNS1G_G8LxsiBmEzL6LpSHTe9WEYSbU7DXJMl0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2cb383a30bee467e40ecebb49e4229b1b57efcc2c7632c921cd170a75c74d24
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
716246
x-cache
HIT
x-cache-hits
16
x-ah-environment
prod
content-length
263
x-request-id
v-d4ece9e6-9058-11ec-ac6f-db3eff79a60c
last-modified
Wed, 02 Feb 2022 10:21:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
via
varnish
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
7179caa0abf05caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
396.bundle.js
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/
1 KB
670 B
Script
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/396.bundle.js?d2a36f
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_-gj7ptNS1G_G8LxsiBmEzL6LpSHTe9WEYSbU7DXJMl0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85812e1f30e98e63c3ea17a4a7bea7cc0c26b8edef9c48d0af517fecd45210c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
66022
x-cache
HIT
x-cache-hits
9
x-ah-environment
prod
content-length
519
x-request-id
v-dc75ed0c-b9ca-11ec-ba53-2b236d1ce77c
last-modified
Mon, 11 Apr 2022 19:08:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
via
varnish
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
7179caa0abf15caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
magenta-to-red-gradient.jpg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/
61 KB
61 KB
Image
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/magenta-to-red-gradient.jpg
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce56dc3783735b873af61135d410e3ccec9dfd565a5961fd707e85d1d6b654af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
336880
x-cache
HIT
last-modified
Fri, 03 Jun 2022 16:00:33 GMT
x-cache-hits
16
x-ah-environment
prod
content-length
62175
x-request-id
v-62573b10-e356-11ec-9bb9-b3b726e0c161
cf-bgj
h2pri
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
7179caa0cc235caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
white-cta-arrow.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/
750 B
476 B
Image
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/white-cta-arrow.svg
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff46ab88d5fe2880ee24e0a56c4f423096ea4eb7b80e0fc8032319e26b5a002b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
336880
x-cache
HIT
x-cache-hits
23
x-ah-environment
prod
content-encoding
gzip
x-request-id
v-26ec5106-e314-11ec-b424-ff4465191d05
last-modified
Wed, 25 May 2022 16:25:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1209600
cf-ray
7179caa0cc255caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
footer-bg-transparent.png
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/
134 KB
134 KB
Image
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/footer-bg-transparent.png
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f2e61cd1a10aebb0eae1a2f6914784a4d9be90a46b1c67700311d0f66d3e379
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:01 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
322423
x-cache
HIT
x-cache-hits
1
x-ah-environment
prod
content-length
136986
x-request-id
v-7bba2596-e378-11ec-87aa-3baa97db0ae9
last-modified
Fri, 03 Jun 2022 20:04:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
7179caa0cc265caa-FRA
expires
Tue, 21 Jun 2022 13:39:01 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/
365 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mandiant.com/
Origin
https://www.mandiant.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147703
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Jun 2023 13:09:59 GMT
sm.23.html
static.addtoany.com/menu/ Frame D6F2
741 B
554 B
Document
General
Full URL
https://static.addtoany.com/menu/sm.23.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mandiant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1836619
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
7179caa0f8068fef-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 07 Jun 2022 13:39:01 GMT
etag
W/"2e5-5cc9e128a4c38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 22 Sep 2021 23:42:51 GMT
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
e4s
x-content-type-options
nosniff
css
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/v2/notice/eb5srz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
619a808802b71dd9406f6988a933d1c3893b39066325988f1256598b644e3c83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:32:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 07 Jun 2022 13:39:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Jun 2022 13:39:01 GMT
ic-error.svg
consent.trustarc.com/v2/asset/
5 KB
1 KB
Image
General
Full URL
https://consent.trustarc.com/v2/asset/ic-error.svg
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-107.fra2.r.cloudfront.net
Software
openresty/1.15.8.2 /
Resource Hash
5ea56ed1ed92d89dd6e8a23316891c8af7cd2150977d2e8431bd0e97c0cf5282
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 13:00:35 GMT
content-encoding
gzip
last-modified
Wed, 20 Mar 2019 06:14:12 GMT
server
openresty/1.15.8.2
age
2325
vary
Accept-Encoding, Origin
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
JfjKQRWsAmnubf8iCp9l1xlSnwKP9Nt0VL38k0d2db5ZzvPNM7wHUQ==
ic-close-white.svg
consent.trustarc.com/v2/asset/
7 KB
2 KB
Image
General
Full URL
https://consent.trustarc.com/v2/asset/ic-close-white.svg
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-107.fra2.r.cloudfront.net
Software
openresty/1.15.8.2 /
Resource Hash
da0d9dec187414eaac184877e362bfd09ac956b2ab490b6adbb525af80fb3d6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 13:32:11 GMT
content-encoding
gzip
last-modified
Wed, 20 Mar 2019 06:14:09 GMT
server
openresty/1.15.8.2
age
415
vary
Accept-Encoding, Origin
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
meplsk0Xi8IFly2lwB_uDCyIT1aAXcpFdsuenN7BdGhqCQwb8zq2tQ==
ic-close.svg
consent.trustarc.com/v2/asset/
6 KB
1 KB
Image
General
Full URL
https://consent.trustarc.com/v2/asset/ic-close.svg
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-107.fra2.r.cloudfront.net
Software
openresty/1.15.8.2 /
Resource Hash
78060c93ee6a407478d39e1e16807b576ea320f5641a34d5f043c7de399a418e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 13:03:58 GMT
content-encoding
gzip
last-modified
Wed, 20 Mar 2019 06:14:11 GMT
server
openresty/1.15.8.2
age
2147
vary
Accept-Encoding, Origin
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
bgJKegLgG9_IHPNV6hRqzrrOZ__RU-c4b5q2A42v5WKD--Md-q5L5w==
trustarc-logo-xs.svg
consent.trustarc.com/v2/asset/
3 KB
2 KB
Image
General
Full URL
https://consent.trustarc.com/v2/asset/trustarc-logo-xs.svg
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-107.fra2.r.cloudfront.net
Software
openresty/1.15.8.2 /
Resource Hash
fad03d5343f00671f67d8e92a6c1e243f4b45e4f7a09d11c6d170665ae52d03e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
public
date
Tue, 07 Jun 2022 13:19:22 GMT
content-encoding
gzip
last-modified
Wed, 10 Feb 2021 02:29:33 GMT
server
openresty/1.15.8.2
age
1315
vary
Accept-Encoding, Origin
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ZLjgkEAFJTNc8l_vWAApyOMvQz4dFOf4Z16Es1QEQrOgwLC-5k-SOA==
gtm.js
www.googletagmanager.com/
361 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/google_tag/google_tag_manager/google_tag.script.js?rd2elq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
23e0ab6ff9b7fcb1a2a32c5b85e0c5e62659e03e08f7ce3ee178c861e81338d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:02 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97901
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Jun 2022 13:39:02 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mandiant.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 19:26:22 GMT
x-content-type-options
nosniff
age
497560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Jun 2023 19:26:22 GMT
arrow.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/
231 B
392 B
Image
General
Full URL
https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/arrow.svg
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fb5773c79513b946ce84fd7a066040235e6eb5855549404f2a8bd361e3840bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/sites/default/files/css/css_WRNR5GPwMB9SEQftGJJuYW6iH0g8EThlNz6VJ0cOceA.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:02 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
378692
x-cache
HIT
x-cache-hits
45
x-ah-environment
prod
content-encoding
gzip
x-request-id
v-8704b04c-9409-11ec-9bc3-73234070dfe2
last-modified
Wed, 02 Feb 2022 10:21:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=1209600
cf-ray
7179caa1fe6a5caa-FRA
expires
Tue, 21 Jun 2022 13:39:02 GMT
js
www.googletagmanager.com/gtag/
199 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
43035cf868614a7391401e372fd4b29a19a8e9b37dad79c0743875aabf304757
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:02 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71030
x-xss-protection
0
expires
Tue, 07 Jun 2022 13:39:02 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
256
date
Tue, 07 Jun 2022 13:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 07 Jun 2022 15:34:46 GMT
index.js
cdn.jsdelivr.net/npm/@amplitude/amplitude-js-gtm@2.0.2/dist/
3 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@amplitude/amplitude-js-gtm@2.0.2/dist/index.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
853f77de90385806427ff0cd0ac797795adbd82c800c26381f7e55537e736587
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2306826
x-jsd-version
2.0.2
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19125-FRA, cache-itm18825-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"b22-n2o9T9k7cye7ujWQ0K/tCJdFJAM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryylsKqYsnwHjh%2Blaqv%2B4SB3QlF7yxLfyy4%2BRbfBpyUhyk1nr%2BruQFMvN9uWy6mSM6pHh4daA65u%2BpmASoN1a1ffRk7tupMlj7YtfizrWs1qvc8ddRIUGMsCvjUAl3CxWoBMk38EZRKn%2FtAeaQc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
7179caa2cb529bc2-FRA
access-control-expose-headers
*
9733b1e1169991b694a1ddb4dc45463acc83618f.js
my.hellobar.com/
32 KB
6 KB
Script
General
Full URL
https://my.hellobar.com/9733b1e1169991b694a1ddb4dc45463acc83618f.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2be9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b99c0bdce00457bb126aaa22babf2ad71d122a616b5f9a4607802de0a99845d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:02 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 06 Jun 2022 22:42:58 GMT
server
cloudflare
x-amz-request-id
YMTRN4N5ZBTGXDTW
etag
W/"9ed60a9cca91d28785cc8ed2533c30a5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10
cf-ray
7179caa2eea1913c-FRA
x-amz-id-2
OCQZTiOW3b/Veg1zuoSKr1afbfNEepH4wDj1PMTkpN2dgpKQqCUujUfyUHYCR9qlhR/hHt+SvAk=
cf-bgj
minify
forms2.css
www2.mandiant.com/js/forms2/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://www2.mandiant.com/js/forms2/css/forms2.css
Requested by
Host: www2.mandiant.com
URL: https://www2.mandiant.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
3599
content-length
2623
last-modified
Tue, 03 May 2022 03:46:42 GMT
server
cloudflare
etag
"21804d1-3437-5de135b5b2c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7179caa2c9ef9259-FRA
expires
Tue, 07 Jun 2022 17:39:02 GMT
forms2-theme-simple.css
www2.mandiant.com/js/forms2/css/
826 B
533 B
Stylesheet
General
Full URL
https://www2.mandiant.com/js/forms2/css/forms2-theme-simple.css
Requested by
Host: www2.mandiant.com
URL: https://www2.mandiant.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
3599
content-length
242
last-modified
Tue, 03 May 2022 03:46:42 GMT
server
cloudflare
etag
"21804ce-33a-5de135b5b2c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7179caa2c9f59259-FRA
expires
Tue, 07 Jun 2022 17:39:02 GMT
getKnownLead
www2.mandiant.com/index.php/form/
192 B
564 B
Script
General
Full URL
https://www2.mandiant.com/index.php/form/getKnownLead?form=1015&lpId=&munchkinId=565-PEI-952&filledFields=true&mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd&callback=jQuery1124040749373627939556_1654609141781&_=1654609141783
Requested by
Host: www2.mandiant.com
URL: https://www2.mandiant.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f4fad96e41c311c23bfbf1359131b021e72574fbdea9479fc83ad6b9b02e48c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript; charset=utf-8
cf-ray
7179caa2c9f89259-FRA
amplitude-8.18.1-min.gz.js
cdn.amplitude.com/libs/
92 KB
25 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/amplitude-8.18.1-min.gz.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@amplitude/amplitude-js-gtm@2.0.2/dist/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.242.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-242-6.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc639c48fbda7a7d1edd028852cd024851965e1e80c9a43f460687ce92ffd991

Request headers

Referer
https://www.mandiant.com/
Origin
https://www.mandiant.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 18:33:31 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
587132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25443
access-control-allow-origin
*
last-modified
Wed, 06 Apr 2022 01:05:30 GMT
server
AmazonS3
etag
"c3ec696faef16420de280b85d83e117f"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
II_SYzym81QVleeRt9SdBWN0SkU4nVoj
via
1.1 31f1d6f9a4e05bd522db88334d37b9c2.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
7eDPieJ0lTTdc6qPk7jLLPXGpBZXE97dnf4wyFNyArrC8TI29WufmQ==
/
api.amplitude.com/
7 B
167 B
XHR
General
Full URL
https://api.amplitude.com/
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.18.1-min.gz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.111.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-111-192.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.mandiant.com/
Cross-Origin-Resource-Policy
cross-origin
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 07 Jun 2022 13:39:02 GMT
content-length
7
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
/
api.amplitude.com/ Frame
0
0
Preflight
General
Full URL
https://api.amplitude.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.111.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-111-192.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
cross-origin-resource-policy
Access-Control-Request-Method
POST
Origin
https://www.mandiant.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers
cross-origin-resource-policy
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Tue, 07 Jun 2022 13:39:02 GMT
strict-transport-security
max-age=15768000
modules.js
my.hellobar.com/
252 KB
73 KB
Script
General
Full URL
https://my.hellobar.com/modules.js
Requested by
Host: my.hellobar.com
URL: https://my.hellobar.com/9733b1e1169991b694a1ddb4dc45463acc83618f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2be9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a79e3f2ce76368a434a18160876a952fecf587554cdbbf996a71a8542e697841

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:02 GMT
content-encoding
br
cf-cache-status
HIT
age
4711
cf-polished
origSize=258269
x-amz-request-id
1GFZWEV2SAH7Y4CW
x-amz-id-2
iAsewfOBRRG7ib5B5gzjjqUtYkOsTz6OXVOP6JezIzy1H5Lqr/XJA1awbmcfW815
last-modified
Mon, 16 May 2022 08:14:16 GMT
server
cloudflare
etag
W/"ecb964cafe999f14d93d81d52d7bd9c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=14400
cf-ray
7179caa45966913c-FRA
cf-bgj
minify
truncated
/ Frame 4EF8
1 KB
1 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74d1f7e06069feded1f0c7c2c8a35b5c5194f66ff98d7b4309446effd0495728

Request headers

Referer
Origin
https://www.mandiant.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
css
fonts.googleapis.com/ Frame 4EF8
664 B
356 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: my.hellobar.com
URL: https://my.hellobar.com/modules.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:34:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 07 Jun 2022 13:39:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Jun 2022 13:39:02 GMT
adsiIj1T8jK9Mu3syDNsWzFzuk7JCFRD6-EZQ9Jrp
hi.hellobar.com/v/4mvyl66tLlzEinhH09rrtp6j6-_5oS86/
35 B
360 B
Image
General
Full URL
https://hi.hellobar.com/v/4mvyl66tLlzEinhH09rrtp6j6-_5oS86/adsiIj1T8jK9Mu3syDNsWzFzuk7JCFRD6-EZQ9Jrp?t=1654609143&v=cfa8870e-16ee-4e4f-cada-105fc3da8267&f=i&s=65495d9607ca51d880bb3acf6eba2bae28a71a324093074d57dae0c4d61b1c58cc41f5694d34d0b371ce51d0c8a4fed3cdaed71ce59487ddb604403b3ac1e8ea
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:9600:1b:45dc:7080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 00:45:13 GMT
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Tue, 10 Apr 2018 13:15:02 GMT
server
AmazonS3
age
85832
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Error from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
35
x-amz-cf-id
goQKqsV5p5eztZ61F2j30dbukR_m--kz2JuYxhLCV9fzKxv7Cl6vJQ==
google-cloud-22px.png
www.mandiant.com/sites/default/files/2022-03/ Frame 4EF8
2 KB
2 KB
Image
General
Full URL
https://www.mandiant.com/sites/default/files/2022-03/google-cloud-22px.png
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d9ba14f6b6a19689abbf49bd5b8b03413896d8557a1cc641128334b429b8f36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:02 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
578568
x-cache
HIT
x-cache-hits
44
x-ah-environment
prod
content-length
1708
x-request-id
v-cca59b00-9f19-11ec-ac3d-2f1626fbeab4
last-modified
Tue, 08 Mar 2022 19:55:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
7179caa52c965caa-FRA
expires
Tue, 21 Jun 2022 13:39:02 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame 4EF8
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mandiant.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 17:07:14 GMT
x-content-type-options
nosniff
age
592308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 17:07:14 GMT
anchor
www.google.com/recaptcha/api2/ Frame 73E4
42 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=normal&cb=j4k1ggbd09a1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6626d91f98ea344017e7ae04803c31763ea55391fb5ffec9ca54e0fb269e3a28
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-prCTYObAS_FfnvKHvU8k0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mandiant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22624
content-security-policy
script-src 'report-sample' 'nonce-prCTYObAS_FfnvKHvU8k0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 07 Jun 2022 13:39:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame 18B2
43 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=compact&cb=r87jzdsojb5e
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
23f530ac3af5d7f9f2bb3daaf60b733ed586daaed4ff4e6303a017518fe0f75e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-O3SUz69PB698orJIVc342w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mandiant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22672
content-security-policy
script-src 'report-sample' 'nonce-O3SUz69PB698orJIVc342w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 07 Jun 2022 13:39:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 18B2
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=compact&cb=r87jzdsojb5e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Jun 2023 13:09:59 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 18B2
365 KB
144 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=compact&cb=r87jzdsojb5e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147703
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Jun 2023 13:09:59 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 73E4
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=normal&cb=j4k1ggbd09a1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Jun 2023 13:09:59 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 73E4
365 KB
144 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=normal&cb=j4k1ggbd09a1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147703
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Jun 2023 13:09:59 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-X6642ZTDJ7&gtm=2oe660&_p=45950762&_z=ccd.tdB&gcs=G100&cid=627566439.1654609143&ul=en-us&sr=1600x1200&_s=1&sid=1654609142&sct=1&seg=0&dl=https%3A%2F%2Fwww.mandiant.com%2Freport-incident%3Fmkt_tok%3DNTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd&dr=https%3A%2F%2Fpages.mandiant.com%2F&dt=Incident%20Response%20Services%20%7C%20Incident%20%26%20Security%20Breach%20Support&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 13:39:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mandiant.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=45950762&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Freport-incident%3Fmkt_tok%3DNTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd&dr=https%3A%2F%2Fpages.mandiant.com%2F&ul=en-us&de=UTF-8&dt=Incident%20Response%20Services%20%7C%20Incident%20%26%20Security%20Breach%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGAAgAABE~&cid=627566439.1654609143&tid=UA-203244293-1&_gid=853230510.1654609143&gtm=2wg660T72STLD&cg1=null&cg2=report-incident%3Fmkt_tok%3DNTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd&cd2=Pageview&cd3=1654609142164.ic7s087e&cd4=2022-06-07T13%3A39%3A02.164%2B00%3A00&cd5=https%3A%2F%2Fpages.mandiant.com%2F&cd15=null&cd16=null&gcs=G100&cd1=627566439.1654609143&z=1886303814
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 08:04:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
20050
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=45950762&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Freport-incident%3Fmkt_tok%3DNTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd&dr=https%3A%2F%2Fpages.mandiant.com%2F&ul=en-us&de=UTF-8&dt=Incident%20Response%20Services%20%7C%20Incident%20%26%20Security%20Breach%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=trustarc&ea=banner_served&_u=aGgAgAABE~&cid=627566439.1654609143&tid=UA-203244293-1&_gid=1844899586.1654609143&gtm=2wg660T72STLD&cg1=null&cg2=report-incident%3Fmkt_tok%3DNTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd&cd3=1654609142232.iq6gqc6q&cd4=2022-06-07T13%3A39%3A02.232%2B00%3A00&cd5=https%3A%2F%2Fpages.mandiant.com%2F&cd15=null&cd16=null&gcs=G100&cd1=627566439.1654609143&z=249105803
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 08:04:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
20050
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 18B2
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=compact&cb=r87jzdsojb5e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7127d15642f8979cf58784f91d487e77a81cd8e1db0e8547cb683f62829ad7d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=compact&cb=r87jzdsojb5e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 13:39:02 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 73E4
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=normal&cb=j4k1ggbd09a1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7127d15642f8979cf58784f91d487e77a81cd8e1db0e8547cb683f62829ad7d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=normal&cb=j4k1ggbd09a1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 13:39:02 GMT
XDFrame
www2.mandiant.com/index.php/form/ Frame DE3E
2 KB
961 B
Document
General
Full URL
https://www2.mandiant.com/index.php/form/XDFrame
Requested by
Host: www2.mandiant.com
URL: https://www2.mandiant.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13a35f6809ebd06635401be41681b52dd7f36d45fd6624e75ab5ce909419d427
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mandiant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-ray
7179caa829a39259-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 07 Jun 2022 13:39:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-X6642ZTDJ7&gtm=2oe660&_p=45950762&_z=ccd.tdB&gcs=G100&cid=627566439.1654609143&ul=en-us&sr=1600x1200&_s=2&sid=1654609142&sct=1&seg=1&dl=https%3A%2F%2Fwww.mandiant.com%2Freport-incident%3Fmkt_tok%3DNTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd&dr=https%3A%2F%2Fpages.mandiant.com%2F&dt=Incident%20Response%20Services%20%7C%20Incident%20%26%20Security%20Breach%20Support&en=page_view&_et=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 13:39:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mandiant.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 21A5
44 KB
23 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=normal&cb=j4k1ggbd09a1
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_Y5nsztGvkDen52zdc5F3uPKrFl2vLnDXDfy-otA1RKg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
aeebd320aadf036eb33971c74ef1be8ac99aca6531e9758cfca280928c83d779
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cBbRKlp4fva_R3ciiZha_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mandiant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23740
content-security-policy
script-src 'report-sample' 'nonce-cBbRKlp4fva_R3ciiZha_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 07 Jun 2022 13:39:03 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame 67B1
43 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=compact&cb=r87jzdsojb5e
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_Y5nsztGvkDen52zdc5F3uPKrFl2vLnDXDfy-otA1RKg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8777b90541f61aeda90aeb97debf7272592ce1954b754cedd5d09b17a73f92d4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EXVEsOOs2NfSQAyIw5-HSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mandiant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22749
content-security-policy
script-src 'report-sample' 'nonce-EXVEsOOs2NfSQAyIw5-HSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 07 Jun 2022 13:39:03 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame F6DC
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f024452bb22439672218b4d823e87d0bb49915f2c8ec1085b6dcaccd71e6bcc3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4A0DkZX5S1BN46aptmLZ7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mandiant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1114
content-security-policy
script-src 'report-sample' 'nonce-4A0DkZX5S1BN46aptmLZ7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 07 Jun 2022 13:39:03 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
api.amplitude.com/
7 B
167 B
XHR
General
Full URL
https://api.amplitude.com/
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.18.1-min.gz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.111.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-111-192.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.mandiant.com/
Cross-Origin-Resource-Policy
cross-origin
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 07 Jun 2022 13:39:03 GMT
content-length
7
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
styles__ltr.css
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 21A5
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=normal&cb=j4k1ggbd09a1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Jun 2023 13:09:59 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 21A5
365 KB
144 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=normal&cb=j4k1ggbd09a1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147703
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Jun 2023 13:09:59 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 67B1
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=compact&cb=r87jzdsojb5e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Jun 2023 13:09:59 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 67B1
365 KB
144 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=compact&cb=r87jzdsojb5e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147703
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Jun 2023 13:09:59 GMT
/
api.amplitude.com/ Frame
0
0
Preflight
General
Full URL
https://api.amplitude.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.111.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-111-192.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
cross-origin-resource-policy
Access-Control-Request-Method
POST
Origin
https://www.mandiant.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers
cross-origin-resource-policy
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Tue, 07 Jun 2022 13:39:03 GMT
strict-transport-security
max-age=15768000
styles__ltr.css
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame F6DC
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Jun 2023 13:09:59 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame F6DC
365 KB
144 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147703
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Jun 2023 13:09:59 GMT
forms2.min.js
www2.mandiant.com/js/forms2/js/ Frame DE3E
205 KB
68 KB
Script
General
Full URL
https://www2.mandiant.com/js/forms2/js/forms2.min.js
Requested by
Host: www2.mandiant.com
URL: https://www2.mandiant.com/index.php/form/XDFrame
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www2.mandiant.com/index.php/form/XDFrame
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 03 May 2022 03:46:42 GMT
server
cloudflare
age
3601
etag
"2d803a5-3326e-5de135b5b2c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
7179caa98bc59259-FRA
expires
Tue, 07 Jun 2022 17:39:03 GMT
truncated
/ Frame 21A5
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 21A5
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 21A5
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 18:59:48 GMT
x-content-type-options
nosniff
age
585555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 07 Jun 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 21A5
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=normal&cb=j4k1ggbd09a1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 17:06:41 GMT
x-content-type-options
nosniff
age
592342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 31 May 2023 17:06:41 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 21A5
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=normal&cb=j4k1ggbd09a1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7127d15642f8979cf58784f91d487e77a81cd8e1db0e8547cb683f62829ad7d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=normal&cb=j4k1ggbd09a1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 13:39:03 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 67B1
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=compact&cb=r87jzdsojb5e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7127d15642f8979cf58784f91d487e77a81cd8e1db0e8547cb683f62829ad7d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&size=compact&cb=r87jzdsojb5e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 07 Jun 2022 13:39:03 GMT
nr-1216.min.js
js-agent.newrelic.com/
38 KB
14 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: www.mandiant.com
URL: https://www.mandiant.com/report-incident?mkt_tok=NTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding
gzip
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id
DQXVECYYH26T8XA2
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14391
x-amz-id-2
eALUuukJzB4ucStWKbHKE0iJ4pHw1jEWf2JkWgG6tOJtELdAqipD0ZP+vGohR4HC654nDcLzXqg=
x-served-by
cache-hhn4081-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1654609144.523268,VS0,VE0
date
Tue, 07 Jun 2022 13:39:03 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
13689
bframe
www.google.com/recaptcha/api2/ Frame 4481
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0be8f7399361f207e7d7bb0a63163a926292136f093f6eae1900ff18bc7c54c9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-o3bJq7La-CNmmoZsAh1rYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mandiant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1116
content-security-policy
script-src 'report-sample' 'nonce-o3bJq7La-CNmmoZsAh1rYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 07 Jun 2022 13:39:03 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame 5C72
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ac63eee963875bf2464dfbdcc042efd94cdf039675247f2bc50306daa073f69c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-R4NzuWJtpV2g9ET0qUvmQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mandiant.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1115
content-security-policy
script-src 'report-sample' 'nonce-R4NzuWJtpV2g9ET0qUvmQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 07 Jun 2022 13:39:03 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=45950762&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Freport-incident%3Fmkt_tok%3DNTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd&dr=https%3A%2F%2Fpages.mandiant.com%2F&ul=en-us&de=UTF-8&dt=Incident%20Response%20Services%20%7C%20Incident%20%26%20Security%20Breach%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=page%20scroll&ea=25%25&el=%2Freport-incident&_u=aGgAgAABE~&cid=627566439.1654609143&tid=UA-203244293-1&_gid=1354562319.1654609144&gtm=2wg660T72STLD&cg1=null&cg2=report-incident%3Fmkt_tok%3DNTY1LVBFSS05NTIAAAGE3KJdXlLJDdo_nKOJXqFEYgyMBJG-1SrX1YPjHVfpIqT5FJWb5qG6tO5IR45VLP67OWbobItFtp4b7Uy7BASMjanY0fNmN-Xq2SVKiGzd&cd2=Event&cd3=1654609143543.24yjzwcm&cd4=2022-06-07T13%3A39%3A03.543%2B00%3A00&cd5=https%3A%2F%2Fpages.mandiant.com%2F&cd6=1015&cd13=Incident%20Response&cd15=null&cd16=null&gcs=G100&cd1=627566439.1654609143&z=324902940
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Jun 2022 08:04:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
20051
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 4481
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Jun 2023 13:09:59 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 4481
365 KB
144 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147703
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Jun 2023 13:09:59 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 5C72
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Jun 2023 13:09:59 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 5C72
365 KB
144 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147703
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Jun 2023 13:09:59 GMT
NRJS-890ead692fb1e944fb6
bam.nr-data.net/1/
49 B
711 B
Script
General
Full URL
https://bam.nr-data.net/1/NRJS-890ead692fb1e944fb6?a=1404479750&v=1216.487a282&to=YlRVYERZV0ZSWhINX1sedldCUVZbHH0UEUBUXWtaWVxcaXBWCBBCWl1bUURkd1pXXDANVUJyWFpCSlZZX1wUSQ5DWFJD&rst=3374&ck=1&ref=https://www.mandiant.com/report-incident&ap=686&be=1237&fe=3307&dc=1730&perf=%7B%22timing%22:%7B%22of%22:1654609140191,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:10,%22c%22:10,%22s%22:17,%22ce%22:29,%22rq%22:29,%22rp%22:1214,%22rpe%22:1216,%22dl%22:1217,%22di%22:1729,%22ds%22:1730,%22de%22:1770,%22dc%22:3307,%22l%22:3307,%22le%22:3309%7D,%22navigation%22:%7B%7D%7D&fp=1341&fcp=1341&at=ThNWFgxDREg%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mandiant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Tue, 07 Jun 2022 13:39:04 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
7179caab7ead9000-FRA

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| NREUM object| newrelic function| __nr_require object| a2a_config object| script object| MktoForms2 function| once undefined| $ function| jQuery object| drupalSettings object| Drupal object| webpackChunk function| setImmediate function| clearImmediate object| regeneratorRuntime object| lazySizes object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| a2a object| truste object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG object| dataLayer function| CaptchaCallback object| recaptcha object| google_tag_manager function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| amplitude function| _amplitude object| gaplugins object| analyticsConnectorInstances function| bootstrap object| hellobarSiteSettings function| hellobar object| closure_lm_695466 object| gaGlobal object| gaData object| jQuery1124040749373627939556 object| $recaptcha object| $recaptchaNormal object| $recaptchaCompact object| $lastRow object| $errorBubble

7 Cookies

Domain/Path Name / Value
pages.mandiant.com/ Name: BIGipServerab_mailtracking_80
Value: !x51PMkwT2ImJzp7n/+ZT2Dlakae2C71W2aoVK0EpI5gVqUOFAst6GLGxH9du19zchxGOlz1zPaiyQ+U=
.pages.mandiant.com/ Name: __cf_bm
Value: zTb3u5Nosf2Bf12OWnMjDDgBUvd2GVYc3VpjNYcHLqE-1654609140-0-Aa25zEcHsu8KDWC+BbQ0IwwlDR2KkoqHcCaaiw8M3D/x61sRd0uETKF8VRi06p83OprfoeVF6f/tm6UFCPbcx9o=
.mandiant.com/ Name: __cf_bm
Value: 8zP2BDC.i7Px6Fw39vvzg1rx1asJAcJLNU08K5SrWKs-1654609141-0-AShDqGQxqH8ypj+GrBKwOTwXv4SviuKmGOqImd6e5fOfCQn0ANuHViX+yx7ibWjArQ8fsB2T4i9ITk+4hgblI3o=
www2.mandiant.com/ Name: BIGipServerab24web-nginx-app_https
Value: !w3I/roYH5YhRJnHn/+ZT2Dlakae2C3Tfk7HT2Ut4hINzL7HwHP4R3jfwZ1VAFClZXwkul/r/YLSVkW4=
.mandiant.com/ Name: amp_00f43d
Value: NE4Ao5rqVyp-L1VQ2ZeKZ5...1g4v67oig.1g4v67pb6.2.0.2
.www2.mandiant.com/ Name: __cf_bm
Value: 5HN646BxtgV05V7peziVj1ig7b.eDk76JgK7BVsfxec-1654609143-0-AaR3yWR+V3wu6gJlrGdxtVeJsbXCNYdbc/xeDPGl5VJz/FbHhDefSzg0NZeOeBBpaAu2b2x1kz9TDSa+OEBS/K4=
.nr-data.net/ Name: JSESSIONID
Value: dff76814c11b054c

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-KIYHOLqjviuob5+QroremNnoDov7p9mvf+Rhb+L6ttk=';object-src 'none';form-action 'none';frame-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.amplitude.com
bam.nr-data.net
cdn.amplitude.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
consent.trustarc.com
fonts.googleapis.com
fonts.gstatic.com
hi.hellobar.com
js-agent.newrelic.com
my.hellobar.com
pages.mandiant.com
static.addtoany.com
www.fireeye.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.mandiant.com
www2.mandiant.com
104.17.71.206
104.17.74.206
13.225.77.107
151.101.66.137
162.247.241.14
18.66.242.6
2600:9000:20eb:9600:1b:45dc:7080:93a1
2606:4700:10::ac43:2794
2606:4700:10::ac43:2be9
2606:4700:300b::a29f:f07d
2606:4700:300b::a29f:f67d
2606:4700::6810:5914
2606:4700::6811:180e
2a00:1450:4001:809::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2008
2a00:1450:4001:813::200e
2a00:1450:4001:830::2003
44.235.111.192
050e33914f9585a14cb2d973fb26abeabf592afd7dad8c051919047e585966ab
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0b617a1a9d405a304eae1f3337639a1be619633a047ccac0a61d70cf2d2032e4
0be8f7399361f207e7d7bb0a63163a926292136f093f6eae1900ff18bc7c54c9
0d1049d86e454e70f1d3e650f3ec7dc009ebef2f7ec2e9f44b74cb290ed9e4d6
0f2e61cd1a10aebb0eae1a2f6914784a4d9be90a46b1c67700311d0f66d3e379
13a35f6809ebd06635401be41681b52dd7f36d45fd6624e75ab5ce909419d427
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
18089c9cfddb60950415ae993e56f1d027fd533edeb5189ef7845cfb33e69f12
185fd25b606e486fb8bec09f4a0f2e58bce5d9b140d4c6c19637758373d0cb05
195fc406dbdbe81846387873a37f88b81514ddedd3877b59e1a4615e90b18173
1b9600459bb5ec64940c2d27208bf4f9fffdde86a99b1cb3c0d12b1ff7fb8ba1
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bb508d41bf1d0c5d56340c7df789b6589350a5f967e1fa937bee5c148d0cb0d
22d544d04a6282b544aa3fbc8e024e41f00902673fe34f774092c02d4e7d6712
23e0ab6ff9b7fcb1a2a32c5b85e0c5e62659e03e08f7ce3ee178c861e81338d5
23f530ac3af5d7f9f2bb3daaf60b733ed586daaed4ff4e6303a017518fe0f75e
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2d9ba14f6b6a19689abbf49bd5b8b03413896d8557a1cc641128334b429b8f36
3a1c0551e1f4989f1a37e43392dcc93c8aea98511ebbb0886621b964ac062eb7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43035cf868614a7391401e372fd4b29a19a8e9b37dad79c0743875aabf304757
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0
591351e463f0301f521107ed18926e616ea21f483c113865373e9527470e71e0
5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86
5ea56ed1ed92d89dd6e8a23316891c8af7cd2150977d2e8431bd0e97c0cf5282
5f4fad96e41c311c23bfbf1359131b021e72574fbdea9479fc83ad6b9b02e48c
619a808802b71dd9406f6988a933d1c3893b39066325988f1256598b644e3c83
6399ecced1af9037a7e76cdd739177b8f2ab165daf2e70d70dfcbea2d03544a8
65782cf6d5c118e4b84e134d660d5e74d83384799c2f5df88b04963e2e795293
6626d91f98ea344017e7ae04803c31763ea55391fb5ffec9ca54e0fb269e3a28
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b9c3158d7700a96a2fc4de59adc0c4724338c900d14b9447653c52d50df1621
6ee71a259a1f585d953d5c8d2ae623789758e89936d27075c583b9071fa09dd5
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
7127d15642f8979cf58784f91d487e77a81cd8e1db0e8547cb683f62829ad7d0
74d1f7e06069feded1f0c7c2c8a35b5c5194f66ff98d7b4309446effd0495728
78060c93ee6a407478d39e1e16807b576ea320f5641a34d5f043c7de399a418e
7b7eb2b28fbf8ad29058540ee28e8b49701e0e47351ff25d3b688fcef9b2a88a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853f77de90385806427ff0cd0ac797795adbd82c800c26381f7e55537e736587
85812e1f30e98e63c3ea17a4a7bea7cc0c26b8edef9c48d0af517fecd45210c7
860f45e645e33a50a9a34186d5c0558df4198829fe98679a4a6e1e754fca1aeb
8777b90541f61aeda90aeb97debf7272592ce1954b754cedd5d09b17a73f92d4
887dea1b760d630afcbae650e3259dc18ef1a7fe3137ab715a56005a69f921b0
8fb5773c79513b946ce84fd7a066040235e6eb5855549404f2a8bd361e3840bf
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
98d7c4fe1604e08c228b1c8756ccfed58659528670ee420520d157e3787b9f6a
9ca72eec4efadc4587d29f2216ccd9cd54309463c74a5a3029b3dca9485f995a
9ec192b1be13b5eb7d11e7c8a0f1466ef236e4ba88182bb4cec76a2c7919464e
9ee33831b0f69f4fd2300024df8f2488a4a7a4093cfcc5e28062e128308478f9
9f41b6056bfd2eb59371fabdc40b3970f02458ee463aa92385fe214fb00aebae
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a25103a0414377844f9593cc667dde055393d507762264c8954bbbee3b8c3530
a79e3f2ce76368a434a18160876a952fecf587554cdbbf996a71a8542e697841
ac63eee963875bf2464dfbdcc042efd94cdf039675247f2bc50306daa073f69c
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
aeebd320aadf036eb33971c74ef1be8ac99aca6531e9758cfca280928c83d779
b03e22cd46df6548a01dd0efd4d0f482fdd748ac1c723a2ef96a418d3412ee7d
b2cb383a30bee467e40ecebb49e4229b1b57efcc2c7632c921cd170a75c74d24
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
b99c0bdce00457bb126aaa22babf2ad71d122a616b5f9a4607802de0a99845d9
bc639c48fbda7a7d1edd028852cd024851965e1e80c9a43f460687ce92ffd991
bf204863b72594d7da599f0ad2cfb43573b91d2ef348983d8890f64ba9858d1e
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c82aa23b61483cc87f28ec6c4492a28c46dcb38bf471fd4a6ca40984ee6fb59e
ce56dc3783735b873af61135d410e3ccec9dfd565a5961fd707e85d1d6b654af
da0d9dec187414eaac184877e362bfd09ac956b2ab490b6adbb525af80fb3d6a
dfaed587b938cc953c5008f257ed1e661e9d2e2f907bd5b520fc4b9348985a88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c4f02f1f6a5e491336064c0d0bdcd6914d5794a431a359c1f684cec8ed77f7
f024452bb22439672218b4d823e87d0bb49915f2c8ec1085b6dcaccd71e6bcc3
f16edf69b3b38abc839a83da5041cb4b2ed08b54017faa471b4e2da1cc8393c1
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
f269cafacd48c650b7c76973b7192a4593125d9b957bfa3b57a89e835ec0df1f
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fa08fba6d352d46fc6f0bc6c881984ccbe8ba521d37bd5846126d4ec35c9325d
fad03d5343f00671f67d8e92a6c1e243f4b45e4f7a09d11c6d170665ae52d03e
fe3bfdac05de97234a1a81c7f09c87f14708cf7bd9a341a63e68613c3c6e40d6
ff46ab88d5fe2880ee24e0a56c4f423096ea4eb7b80e0fc8032319e26b5a002b