www.mandiant.com Open in urlscan Pro
2606:4700:300b::a29f:f07d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pages.mandiant.com/NTY1LVBFSS05NTIAAAGDDnAlgzjZuocBy_nUfP3PXVvWkEc9RZ5yXs5e74PxXarH8f4lrOlIagY4yBqulmVg7J2oPlI=
Effective URL:
https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=NTY1LVBFSS05NTIAAAGDDnAlg5-eiLc3wvITTZetmKwVR...
Submission: On March 09 via api (March 9th 2022, 7:59:50 pm UTC) from US — Scanned from DE

Summary HTTP 109 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 15 domains to perform 109 HTTP transactions. The main IP is 2606:4700:300b::a29f:f07d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mandiant.com. The Cisco Umbrella rank of the primary domain is 175804.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 4th 2021. Valid for: a year.

This is the only time www.mandiant.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	104.17.70.206 104.17.70.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2606:4700:300... 2606:4700:300b::a29f:f07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:300... 2606:4700:300b::a29f:f67d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.107 143.204.98.107	16509 (AMAZON-02) (AMAZON-02)
3 23	151.101.129.181 151.101.129.181	54113 (FASTLY) (FASTLY)
4	93.184.221.26 93.184.221.26	15133 (EDGECAST) (EDGECAST)
7	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	143.204.98.71 143.204.98.71	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:2be9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	104.126.37.161 104.126.37.161	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:215... 2600:9000:2156:f200:1b:45dc:7080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	162.247.242.32 162.247.242.32	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
4	34.206.242.46 34.206.242.46	14618 (AMAZON-AES) (AMAZON-AES)
109	22

7 104.17.70.206 (None, )

ASN13335 (CLOUDFLARENET, US)

pages.mandiant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www2.mandiant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700:300b::a29f:f07d (United States)

ASN13335 (CLOUDFLARENET, US)

www.mandiant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:300b::a29f:f67d (United States)

ASN13335 (CLOUDFLARENET, US)

www.fireeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-107.fra50.r.cloudfront.net

cdn-0.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 151.101.129.181 (United States) 3 redirects

ASN54113 (FASTLY, US)

play.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.184.221.26 (London, United Kingdom)

ASN15133 (EDGECAST, US)

cdn.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.98.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-71.fra50.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2be9 (United States)

ASN13335 (CLOUDFLARENET, US)

my.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.126.37.161 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-161.deploy.static.akamaitechnologies.com

ff.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:f200:1b:45dc:7080:93a1 (United States)

ASN16509 (AMAZON-02, US)

hi.hellobar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.32 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: service.newrelic.co.nz

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.206.242.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-242-46.compute-1.amazonaws.com

raw.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	mandiant.com pages.mandiant.com — Cisco Umbrella Rank: 172107 www.mandiant.com — Cisco Umbrella Rank: 175804 www2.mandiant.com — Cisco Umbrella Rank: 205679	753 KB
31	vidyard.com 3 redirects play.vidyard.com — Cisco Umbrella Rank: 9533 cdn.vidyard.com — Cisco Umbrella Rank: 13658 assets.vidyard.com — Cisco Umbrella Rank: 18624 raw.vidyard.com — Cisco Umbrella Rank: 19716	491 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com	858 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2	48 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
5	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 2869	26 KB
3	hellobar.com my.hellobar.com — Cisco Umbrella Rank: 14977 hi.hellobar.com — Cisco Umbrella Rank: 45256	79 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	154 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
2	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3666	26 KB
2	d41.co cdn-0.d41.co — Cisco Umbrella Rank: 14430 ff.d41.co — Cisco Umbrella Rank: 143601	267 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 550	322 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 306	14 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	5 KB
1	fireeye.com www.fireeye.com — Cisco Umbrella Rank: 178998	1020 B
109	15

	Domain	Requested by
27	www.mandiant.com	pages.mandiant.com www.mandiant.com
13	play.vidyard.com	3 redirects www.mandiant.com play.vidyard.com www.googletagmanager.com assets.vidyard.com
10	assets.vidyard.com	play.vidyard.com assets.vidyard.com
10	www.gstatic.com	www.google.com www.gstatic.com
7	www.google.com	www.mandiant.com www.gstatic.com www.google.com
6	www2.mandiant.com	www.mandiant.com www2.mandiant.com
5	www.google-analytics.com	www.googletagmanager.com
5	consent.trustarc.com	www.mandiant.com
4	raw.vidyard.com	assets.vidyard.com
4	cdn.vidyard.com	www.mandiant.com assets.vidyard.com
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
2	my.hellobar.com	www.googletagmanager.com my.hellobar.com
2	www.googletagmanager.com	www.mandiant.com www.googletagmanager.com
2	fonts.googleapis.com	consent.trustarc.com my.hellobar.com
2	static.addtoany.com	www.mandiant.com static.addtoany.com
1	bam.nr-data.net	js-agent.newrelic.com
1	hi.hellobar.com
1	ff.d41.co	cdn-0.d41.co
1	js-agent.newrelic.com	www.mandiant.com
1	cdn-0.d41.co	www.mandiant.com
1	cdnjs.cloudflare.com	www.mandiant.com
1	www.fireeye.com	www.mandiant.com
1	pages.mandiant.com
109	23

This site contains links to these domains. Also see Links.

Domain
investors.mandiant.com
login.mandiant.com
www.mandiant.fr
www.mandiant.de
www.mandiant.jp
www.mandiant.kr
careers.smartrecruiters.com
community.fireeye.com
partners.fireeye.com
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
trustarc.com

Subject Issuer	Validity	Valid
pages.mandiant.com Cloudflare Inc ECC CA-3	`2022-01-13` - `2023-01-12`	a year	crt.sh
mandiant.com Cloudflare Inc ECC CA-3	`2021-11-04` - `2022-11-03`	a year	crt.sh
fireeye.com Cloudflare Inc ECC CA-3	`2021-12-07` - `2022-12-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
www2.mandiant.com Cloudflare Inc ECC CA-3	`2022-01-13` - `2023-01-12`	a year	crt.sh
*.d41.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-18` - `2022-03-21`	a year	crt.sh
*.vidyard.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
apps02.dnb.com DigiCert SHA2 Secure Server CA	`2022-01-19` - `2022-04-20`	3 months	crt.sh
*.hellobar.com Amazon	`2021-11-15` - `2022-12-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=NTY1LVBFSS05NTIAAAGDDnAlg5-eiLc3wvITTZetmKwVRgKaOvoN4w00fJm8A822IpUssi0l-BCLUJwwV9dzz587WQOnTvk92koI-_1Zk1QXoGZQrTvHf3cDzg-o
Frame ID: A97AF006187D73DD457900B3CFBB3BE5
Requests: 66 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: E123FA03095503F2B2C484F5B89684FC
Requests: 1 HTTP requests in this frame

Frame: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.38&type=inline
Frame ID: 46ABEB92F7D32CC0C6FD81CD586B6BC3
Requests: 17 HTTP requests in this frame

Frame: https://www2.mandiant.com/index.php/form/XDFrame
Frame ID: D4676112D7E7118FB6B91ABFCD61B8DC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=normal&cb=x60uqbao7j9
Frame ID: 9DDABB41A2623BF5DD936D9B8902266B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=compact&cb=pqztai87fb23
Frame ID: 18D2556EAC844A3832F9321FAE50405B
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 694838BF97BBC8309B247779E08E8E92
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=normal&cb=x60uqbao7j9
Frame ID: F4C3F796F5D89D72AA0C97BEA00B7626
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=compact&cb=pqztai87fb23
Frame ID: 6C142FBCC32368071F173D093A8050AD
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Frame ID: 56426F1A411F00F91B06B8E9DC7FD1F2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Frame ID: 98DDCDEB145048203A0201A847AAA459
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cyber Threat Intelligence | Mandiant Threat Intelligence Free

Page URL History Show full URLs

https://pages.mandiant.com/NTY1LVBFSS05NTIAAAGDDnAlgzjZuocBy_nUfP3PXVvWkEc9RZ5yXs5e74PxXarH8f4lrOlIagY4... Page URL
https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=NTY1LVBFSS05NTIAAAGDDnAlg... Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+recaptcha
/recaptcha/api\.js

Page Statistics

109
Requests

95 %
HTTPS

57 %
IPv6

15
Domains

23
Subdomains

22
IPs

4
Countries

2744 kB
Transfer

7204 kB
Size

6
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://investors.mandiant.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://login.mandiant.com/
Title: .userlayer-1{fill:none;stroke-miterlimit:10;stroke-width:15px}

Search URL Search Domain Scan URL

URL: https://www.mandiant.fr/
Title: Français

Search URL Search Domain Scan URL

URL: https://www.mandiant.de/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://www.mandiant.jp/
Title: 日本

Search URL Search Domain Scan URL

URL: https://www.mandiant.kr/
Title: 한국어

Search URL Search Domain Scan URL

URL: https://careers.smartrecruiters.com/mandiant/all/
Title: Careers

Search URL Search Domain Scan URL

URL: https://community.fireeye.com/
Title: Community

Search URL Search Domain Scan URL

URL: https://partners.fireeye.com/English/
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Mandiant

Search URL Search Domain Scan URL

URL: https://twitter.com/Mandiant

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCexu0DP7VKdDByusuTA53FQ

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mandiant/

Search URL Search Domain Scan URL

URL: https://trustarc.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pages.mandiant.com/NTY1LVBFSS05NTIAAAGDDnAlgzjZuocBy_nUfP3PXVvWkEc9RZ5yXs5e74PxXarH8f4lrOlIagY4yBqulmVg7J2oPlI= Page URL
https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=NTY1LVBFSS05NTIAAAGDDnAlg5-eiLc3wvITTZetmKwVRgKaOvoN4w00fJm8A822IpUssi0l-BCLUJwwV9dzz587WQOnTvk92koI-_1Zk1QXoGZQrTvHf3cDzg-o Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg

Request Chain 74

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg

Request Chain 93

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg

109 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 NTY1LVBFSS05NTIAAAGDDnAlgzjZuocBy_nUfP3PXVvWkEc9RZ5yXs5e74PxXarH8f4lrOlIagY4yBqulmVg7J2oPlI=
pages.mandiant.com/ 504 B
976 B 157ms
135ms Document
text/html 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.mandiant.com/NTY1LVBFSS05NTIAAAGDDnAlgzjZuocBy_nUfP3PXVvWkEc9RZ5yXs5e74PxXarH8f4lrOlIagY4yBqulmVg7J2oPlI=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 09 Mar 2022 19:59:45 GMT
content-type: text/html
cache-control: private, no-cache, no-store, max-age=0
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e96649689ee9140-FRA
content-encoding: gzip

GET
H2 200 Primary Request free-version Show response
www.mandiant.com/advantage/threat-intelligence/ 191 KB
56 KB 995ms
940ms Document
text/html 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=NTY1LVBFSS05NTIAAAGDDnAlg5-eiLc3wvITTZetmKwVRgKaOvoN4w00fJm8A822IpUssi0l-BCLUJwwV9dzz587WQOnTvk92koI-_1Zk1QXoGZQrTvHf3cDzg-o

Requested by

Host: pages.mandiant.com
URL: https://pages.mandiant.com/NTY1LVBFSS05NTIAAAGDDnAlgzjZuocBy_nUfP3PXVvWkEc9RZ5yXs5e74PxXarH8f4lrOlIagY4yBqulmVg7J2oPlI=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

453ef40e8581def8d424971f68e5a9586b5799944b815e6ef2c0b1c8a45b4326

Security Headers

Name	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://pages.mandiant.com/

Response headers

date: Wed, 09 Mar 2022 19:59:46 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=2764800, public
link: <https://www.mandiant.com/advantage/threat-intelligence/free-version>; rel="canonical" <https://www.mandiant.com/advantage/threat-intelligence/free-version>; rel="alternate"; hreflang="en" <https://www.mandiant.fr/advantage/threat-intelligence/free-version>; rel="alternate"; hreflang="fr" <https://www.mandiant.de/advantage/threat-intelligence/free-version>; rel="alternate"; hreflang="de" <https://www.mandiant.jp/advantage/threat-intelligence/free-version>; rel="alternate"; hreflang="ja" <https://www.mandiant.kr/advantage/threat-intelligence/free-version>; rel="alternate"; hreflang="ko"
x-ua-compatible: IE=edge
content-language: en
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
permissions-policy: interest-cohort=()
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Wed, 09 Mar 2022 19:59:46 GMT
etag: "1646855986"
vary: Cookie,Accept-Encoding
content-security-policy: report-uri /report-csp-violation
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin
expect-ct: max-age=86400
content-encoding: gzip
x-request-id: v-78211cc4-9fe3-11ec-80cc-abd404439485
x-ah-environment: prod
age: 0
via: varnish
x-cache: MISS
accept-ranges: bytes
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6e9664983917e907-MXP

GET
H2 200 google_tag.script.js Show response
www.mandiant.com/sites/default/files/google_tag/google_tag_manager/ 348 B
563 B 50ms
48ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/google_tag/google_tag_manager/google_tag.script.js?r8hphl

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=NTY1LVBFSS05NTIAAAGDDnAlg5-eiLc3wvITTZetmKwVRgKaOvoN4w00fJm8A822IpUssi0l-BCLUJwwV9dzz587WQOnTvk92koI-_1Zk1QXoGZQrTvHf3cDzg-o

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b7eb2b28fbf8ad29058540ee28e8b49701e0e47351ff25d3b688fcef9b2a88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4931
x-cache: HIT
x-cache-hits: 31
x-ah-environment: prod
content-length: 280
x-request-id: v-a33d6d1c-9fd5-11ec-9794-4bf1aecd4fe6
last-modified: Wed, 09 Mar 2022 18:17:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6e96649e3a4ee907-MXP
expires: Wed, 23 Mar 2022 19:59:46 GMT

GET
H2 200 css_G5YARZu17GSUDC0nIIv0-f_93oapmxyzwNErH_f7i6E.css
www.mandiant.com/sites/default/files/css/ 9 KB
3 KB 57ms
55ms Stylesheet
text/css 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_G5YARZu17GSUDC0nIIv0-f_93oapmxyzwNErH_f7i6E.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b9600459bb5ec64940c2d27208bf4f9fffdde86a99b1cb3c0d12b1ff7fb8ba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 202826
x-cache: HIT
x-cache-hits: 13
x-ah-environment: prod
content-length: 2495
x-request-id: v-48312b68-9042-11ec-98a8-c7c220013a75
last-modified: Tue, 15 Feb 2022 18:04:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6e96649e3a4fe907-MXP
expires: Wed, 23 Mar 2022 19:59:46 GMT

GET
H2 200 clientlibs_recaptcha.min.css
www.fireeye.com/etc/designs/fireeye-www/ 649 B
1020 B 106ms
59ms Stylesheet
text/css 2606:4700:300b::a29f:f67d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fireeye.com/etc/designs/fireeye-www/clientlibs_recaptcha.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f67d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee33831b0f69f4fd2300024df8f2488a4a7a4093cfcc5e28062e128308478f9

Security Headers

Name	Value
Content-Security-Policy	worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://content.fireeye.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-dispatcher: dispatcher2uswest1
date: Wed, 09 Mar 2022 19:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 575
x-vhost: publish
vary: Accept-Encoding,User-Agent
content-length: 373
x-xss-protection: 1; mode=block
last-modified: Tue, 08 Mar 2022 01:07:41 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://content.fireeye.com
etag: "289-5d9aa9b958e80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: public, max-age=14400
content-security-policy: worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
accept-ranges: bytes
cf-ray: 6e96649e7d4859b3-MXP
expires: Wed, 09 Mar 2022 23:59:46 GMT

GET
H2 200 css_3X6AxfM5DxgQzmwm-Sb7icFieRYVVJx6f5ZNTFES4NA.css
www.mandiant.com/sites/default/files/css/ 1 KB
413 B 53ms
51ms Stylesheet
text/css 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_3X6AxfM5DxgQzmwm-Sb7icFieRYVVJx6f5ZNTFES4NA.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd7e80c5f3390f1810ce6c26f926fb89c162791615549c7a7f964d4c5112e0d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 212888
x-cache: HIT
x-cache-hits: 8
x-ah-environment: prod
content-length: 280
x-request-id: v-d71ac486-7b4f-11ec-9bb5-1b76451e2012
last-modified: Sat, 22 Jan 2022 04:53:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6e96649e3a53e907-MXP
expires: Wed, 23 Mar 2022 19:59:46 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/ 23 KB
5 KB 51ms
23ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 678736
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4364
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-5cbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K70YewrJgXnlZ1J1I9FRvWku3h%2FWBey2SAzt72wmmgvibkrcqwArOHdpnave25DDXAsF0RxvylvRs%2FpzcnQGAgffTxueMDlyLy9xosVNDedesT2xB0ly7gr9C2UXYWl2B7NR8sCBInoL85ZB2JJcuLW3"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e96649e5ebe23f7-ZRH
expires: Mon, 27 Feb 2023 19:59:46 GMT

GET
H2 200 css_JIqh2ZS2sxtsOPGcmOLIwnXHmcSfCmFpuPb7flHTjSM.css
www.mandiant.com/sites/default/files/css/ 144 KB
21 KB 59ms
58ms Stylesheet
text/css 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_JIqh2ZS2sxtsOPGcmOLIwnXHmcSfCmFpuPb7flHTjSM.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

248aa1d994b6b31b6c38f19c98e2c8c275c799c49f0a6169b8f6fb7e51d38d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5921
x-cache: MISS
x-ah-environment: prod
content-length: 21763
x-request-id: v-af2a38b2-9fd5-11ec-a0c9-0fb005558b3f
last-modified: Wed, 09 Mar 2022 18:17:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6e96649e3a54e907-MXP
expires: Wed, 23 Mar 2022 19:59:46 GMT

GET
H2 200 css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
www.mandiant.com/sites/default/files/css/ 261 KB
31 KB 57ms
56ms Stylesheet
text/css 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

324f5cf9dbfef7a2e0c9cecd227f7ca03511b7e305c9026ec775cfa4a986890a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5921
x-cache: MISS
x-ah-environment: prod
content-length: 31366
x-request-id: v-af252ba6-9fd5-11ec-9de0-0313fa805cba
last-modified: Wed, 09 Mar 2022 18:17:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6e96649e3a55e907-MXP
expires: Wed, 23 Mar 2022 19:59:46 GMT

GET
H2 200 forms2.min.js Show response
www2.mandiant.com/js/forms2/js/ 205 KB
68 KB 275ms
140ms Script
application/x-javascript 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.mandiant.com/js/forms2/js/forms2.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689a0237a95cfd8135f8da3ac79c430e903f3c542f8b862f68141c84c348c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 12 Jan 2022 18:47:30 GMT
server: cloudflare
etag: "2a02c81-33210-5d567007b9480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 6e96649f081b9b37-FRA
expires: Wed, 09 Mar 2022 23:59:47 GMT

GET
H/1.1 200
OK ff-3.min.js Show response
cdn-0.d41.co/tags/ 265 KB
266 KB 48ms
18ms Script
application/javascript 143.204.98.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.d41.co/tags/ff-3.min.js
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=NTY1LVBFSS05NTIAAAGDDnAlg5-eiLc3wvITTZetmKwVRgKaOvoN4w00fJm8A822IpUssi0l-BCLUJwwV9dzz587WQOnTvk92koI-_1Zk1QXoGZQrTvHf3cDzg-o
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-107.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce659473360379780a37f64a2f3609ea756953553032a6f7215f529641a2c2dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 19:59:46 GMT
Via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront)
Last-Modified: Thu, 16 Dec 2021 20:47:36 GMT
Server: AmazonS3
Age: 245
ETag: "c7bef8fcfa2a49c60df32820fd19a007"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 271716
X-Amz-Cf-Id: 6PZ9sIExlYPD-k_EAqvn-QpJm2M5ZmX8h38eYVrR5Ccqn2z5h8QKjw==

GET
H2 200 v4.js Show response
play.vidyard.com/embed/ 71 KB
23 KB 39ms
6ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/embed/v4.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a4b2001122dd39199bbfd92904833d9ba48cdeb06c053a24e4155771b2aa92a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: gzip
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
age: 30649
x-cache: HIT
x-cache-hits: 3
content-length: 23192
x-served-by: cache-hhn4082-HHN
x-china: 0
last-modified: Tue, 11 Jan 2022 16:11:16 GMT
etag: "1754d147a447af9d75d777438a745153"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

441540270d5448e57af7b1.jpg
cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/
Redirect Chain

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc.jpg
https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg

31 KB
32 KB

77ms
9ms

Image
image/jpeg

93.184.221.26
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=NTY1LVBFSS05NTIAAAGDDnAlg5-eiLc3wvITTZetmKwVRgKaOvoN4w00fJm8A822IpUssi0l-BCLUJwwV9dzz587WQOnTvk92koI-_1Zk1QXoGZQrTvHf3cDzg-o
Protocol: H2
Server: 93.184.221.26 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F44) /
Resource Hash: 65867ea85abfa1983033b5a41d096b93216909fbb4e1b40ce385f5f59ef9757f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
x-cdn: edgecast
age: 123676
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-request-id: GW2M72Z3W3JMG0MX
x-amz-id-2: 9bgR8//wYgOnN6j/CYIhb4fFdt/ECJxcE9l2rz3vZT5/e42ObXaXCgIbzdOaio2CABSe7qqzReo=
accept-ranges: bytes
last-modified: Tue, 10 Aug 2021 22:02:40 GMT
server: ECAcc (frc/8F44)
etag: "09c372482f3c326fb5c1843a299311cb"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: cl5WY7vxSLptLbC0e5yN1hAcwUJIA3i3
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
content-length: 31938
content-type: image/jpeg

Redirect headers

date: Wed, 09 Mar 2022 19:59:47 GMT
via: 1.1 varnish
age: 110468
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 106
x-served-by: cache-hhn4082-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
location: https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg
x-timer: S1646855987.047275,VS0,VE1
x-frame-options: ALLOWALL
vary: Accept, X-ThumbnailAB, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 IDC_logo.png
www.mandiant.com/sites/default/files/2021-09/ 33 KB
33 KB 55ms
54ms Image
image/png 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/2021-09/IDC_logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9537e3f5594de1f0ff9699c91ce421f2deb6db5929e7b7c5735deebbb6f3b214

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 108106
x-cache: HIT
x-cache-hits: 212
x-ah-environment: prod
content-length: 33645
x-request-id: v-b4e5991c-93f6-11ec-b167-930d567c6c69
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6e96649eeb50e907-MXP
expires: Wed, 23 Mar 2022 19:59:47 GMT

GET
H2 200 js_RtYGCnmFI3sNPE7gLz7cHCEkNzEHEs-SvlzaZvVIOos.js Show response
www.mandiant.com/sites/default/files/js/ 114 KB
39 KB 59ms
59ms Script
text/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/js/js_RtYGCnmFI3sNPE7gLz7cHCEkNzEHEs-SvlzaZvVIOos.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46d6060a7985237b0d3c4ee02f3edc1c212437310712cf92be5cda66f5483a8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 471449
x-cache: HIT
x-cache-hits: 37
x-ah-environment: prod
content-length: 40076
x-request-id: v-3cbf9be2-8517-11ec-8197-d3bec971caf4
last-modified: Thu, 03 Feb 2022 17:27:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6e96649edb44e907-MXP
expires: Wed, 23 Mar 2022 19:59:47 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 910 B
992 B 37ms
17ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c597aaf32cbc53e9d6278b59208ee483ed11337e756f38dffebf303c99ee9df8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 579
x-xss-protection: 1; mode=block
expires: Wed, 09 Mar 2022 19:59:47 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 72 KB
26 KB 54ms
23ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 41711
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 01 Dec 2021 08:23:25 GMT
server: cloudflare
etag: W/"11ee2-5d2116348919c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 6e96649f0aba0200-ZRH
cf-bgj: minify

GET
H2 200 js_IeOPnHELzTZcNK3nm2aFrevgNN7pyg4nbZfmW2J6PFE.js Show response
www.mandiant.com/sites/default/files/js/ 176 KB
56 KB 52ms
50ms Script
text/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/js/js_IeOPnHELzTZcNK3nm2aFrevgNN7pyg4nbZfmW2J6PFE.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21e38f9c710bcd365c34ade79b6685adebe034dee9ca0e276d97e65b627a3c51

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5922
x-cache: MISS
x-ah-environment: prod
content-length: 56915
x-request-id: v-af306750-9fd5-11ec-a2f0-1b9238dec4de
last-modified: Wed, 09 Mar 2022 18:17:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6e96649eeb4de907-MXP
expires: Wed, 23 Mar 2022 19:59:47 GMT

GET
H2 200 eb5srz Show response
consent.trustarc.com/v2/notice/ 68 KB
20 KB 78ms
56ms Script
text/javascript 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/v2/notice/eb5srz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

openresty/1.15.8.2 /

Resource Hash

4aa634ff603b82270844bf4f7af48701d5d8b53685245b7b8aadeeaa7c737e79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
via: 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
server: openresty/1.15.8.2
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-amz-cf-id: YpzjbCPGZY3_j45DU_5dtk23mBYUDC4bN0y08HgzHneFT5NpwLIwwQ==

GET
H2 200 fontloader.built.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 7 KB
2 KB 41ms
40ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/fontloader.built.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88cb9efe9226cab0669f7f6cdf082ec49a48a58f6411b69864b6f952928b979a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 402607
x-cache: HIT
x-cache-hits: 101
x-ah-environment: prod
content-length: 2315
x-request-id: v-8694b8c8-9409-11ec-a9bc-1f43d1dcd2f6
last-modified: Wed, 02 Feb 2022 10:05:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6e96649eeb52e907-MXP
expires: Wed, 23 Mar 2022 19:59:47 GMT

GET
H2 200 incident.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 1023 B
568 B 54ms
54ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/incident.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d1049d86e454e70f1d3e650f3ec7dc009ebef2f7ec2e9f44b74cb290ed9e4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 521295
x-cache: HIT
x-cache-hits: 50
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-8afa6880-8519-11ec-97d2-13f599d437b0
last-modified: Thu, 03 Feb 2022 17:26:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 6e96649efb75e907-MXP
expires: Wed, 23 Mar 2022 19:59:47 GMT

GET
H2 200 contact.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 716 B
621 B 48ms
47ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/contact.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ca72eec4efadc4587d29f2216ccd9cd54309463c74a5a3029b3dca9485f995a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 521295
x-cache: HIT
x-cache-hits: 54
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-73ab1a7a-8f8d-11ec-8760-773cb24816d6
last-modified: Thu, 03 Feb 2022 17:26:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 6e96649efb78e907-MXP
expires: Wed, 23 Mar 2022 19:59:47 GMT

GET
H2 200 support.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 4 KB
2 KB 52ms
51ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/support.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c82aa23b61483cc87f28ec6c4492a28c46dcb38bf471fd4a6ca40984ee6fb59e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 521295
x-cache: HIT
x-cache-hits: 51
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-74457df4-8f8d-11ec-88bc-cbed12305f5a
last-modified: Thu, 03 Feb 2022 17:26:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 6e96649efb79e907-MXP
expires: Wed, 23 Mar 2022 19:59:47 GMT

GET
H2 200 advantage-arrow.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 203 B
319 B 41ms
41ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/advantage-arrow.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f16edf69b3b38abc839a83da5041cb4b2ed08b54017faa471b4e2da1cc8393c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 521295
x-cache: HIT
x-cache-hits: 49
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-e3ffa198-8519-11ec-86dc-e3a6e6c5e82b
last-modified: Thu, 03 Feb 2022 17:26:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 6e96649efb7ae907-MXP
expires: Wed, 23 Mar 2022 19:59:47 GMT

GET
H2 200 checkmark2.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 218 B
314 B 44ms
44ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/checkmark2.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3ff514e976873b7081af527277e1320e912c98ba1406fa8701753def950b786

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 115286
x-cache: HIT
x-cache-hits: 169
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-94402656-93ff-11ec-81db-e38bb1574110
last-modified: Wed, 02 Feb 2022 10:05:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 6e96649f0b7ce907-MXP
expires: Wed, 23 Mar 2022 19:59:47 GMT

GET
H2 200 Barlow-Regular.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 55 KB
55 KB 47ms
46ms Font
text/plain 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Regular.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f269cafacd48c650b7c76973b7192a4593125d9b957bfa3b57a89e835ec0df1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 643549
x-cache: HIT
x-cache-hits: 168
x-ah-environment: prod
content-length: 56020
x-request-id: v-da31088a-9407-11ec-bda4-8f82cbf110fd
last-modified: Wed, 02 Feb 2022 10:21:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6e96649f2bb6e907-MXP
expires: Wed, 23 Mar 2022 19:59:47 GMT

GET
H2 200 PTMono-Regular.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/mono/ 71 KB
71 KB 44ms
43ms Font
text/plain 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/mono/PTMono-Regular.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfaed587b938cc953c5008f257ed1e661e9d2e2f907bd5b520fc4b9348985a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 643550
x-cache: HIT
x-cache-hits: 239
x-ah-environment: prod
content-length: 72380
x-request-id: v-3a47b066-894f-11ec-91fd-cb05ee5e1f49
last-modified: Wed, 02 Feb 2022 10:21:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6e96649f2bb7e907-MXP
expires: Wed, 23 Mar 2022 19:59:47 GMT

GET
H2 200 Barlow-Bold.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 56 KB
56 KB 42ms
41ms Font
text/plain 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Bold.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ec192b1be13b5eb7d11e7c8a0f1466ef236e4ba88182bb4cec76a2c7919464e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1180362
x-cache: HIT
x-cache-hits: 19
x-ah-environment: prod
content-length: 57572
x-request-id: v-86adaef0-9409-11ec-b165-3b27d8be16ab
last-modified: Wed, 02 Feb 2022 10:21:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6e96649f8c66e907-MXP
expires: Wed, 23 Mar 2022 19:59:47 GMT

GET
H2 200 Barlow-SemiBold.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 56 KB
57 KB 42ms
41ms Font
text/plain 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-SemiBold.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bb508d41bf1d0c5d56340c7df789b6589350a5f967e1fa937bee5c148d0cb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 643550
x-cache: HIT
x-cache-hits: 259
x-ah-environment: prod
content-length: 57764
x-request-id: v-3928b072-894f-11ec-8e00-6b6a29e9ac61
last-modified: Wed, 02 Feb 2022 10:21:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6e96649f8c68e907-MXP
expires: Wed, 23 Mar 2022 19:59:47 GMT

GET
H2 200 Barlow-Medium.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 55 KB
55 KB 73ms
73ms Font
text/plain 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Medium.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe3bfdac05de97234a1a81c7f09c87f14708cf7bd9a341a63e68613c3c6e40d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 643549
x-cache: HIT
x-cache-hits: 228
x-ah-environment: prod
content-length: 55968
x-request-id: v-64d0ed2e-8978-11ec-8085-f7e436b0158c
last-modified: Wed, 02 Feb 2022 10:05:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6e96649f8c6be907-MXP
expires: Wed, 23 Mar 2022 19:59:47 GMT

GET
H2 200 getForm Show response
www2.mandiant.com/index.php/form/ 22 KB
5 KB 430ms
429ms Script
application/javascript 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.mandiant.com/index.php/form/getForm?munchkinId=565-PEI-952&form=1019&url=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version&callback=jQuery1124014731275540768451_1646855987202&_=1646855987203

Requested by

Host: www2.mandiant.com
URL: https://www2.mandiant.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94c53cdd0a088291d77fb24a380f2539eb30db64845a3d70451012eb79a4a169

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cf-ray: 6e9664a03b1e9b37-FRA
cached: false

GET
H2 200 Barlow-MediumItalic.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 59 KB
59 KB 37ms
37ms Font
text/plain 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-MediumItalic.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34e89fde702aa592d82afbb8d98034150cb3a2e6bd67a922af1edd106cf87fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 643549
x-cache: HIT
x-cache-hits: 221
x-ah-environment: prod
content-length: 60612
x-request-id: v-a5796598-894d-11ec-a84d-1f628a0036c3
last-modified: Wed, 02 Feb 2022 10:05:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6e9664a04d55e907-MXP
expires: Wed, 23 Mar 2022 19:59:47 GMT

GET
H2 200 974.bundle.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 9 KB
3 KB 41ms
40ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/974.bundle.js?0931c5

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_IeOPnHELzTZcNK3nm2aFrevgNN7pyg4nbZfmW2J6PFE.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3db2a9223644ed048da912927deafff6534b8f5e59d3bdbd5abcc87fa489cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5921
x-cache: MISS
x-ah-environment: prod
content-length: 2659
x-request-id: v-afc33512-9fd5-11ec-a89e-fbd8b76b053f
last-modified: Wed, 09 Mar 2022 18:16:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6e9664a08dbde907-MXP
expires: Wed, 23 Mar 2022 19:59:47 GMT

GET
H2 200 416.bundle.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 3 KB
1 KB 61ms
60ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/416.bundle.js?ca836e

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_IeOPnHELzTZcNK3nm2aFrevgNN7pyg4nbZfmW2J6PFE.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4694bfd9721d7d0e5378f47467ffebb3b4c991685daedb44351497de1285f822

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1016909
x-cache: HIT
x-cache-hits: 66
x-ah-environment: prod
content-length: 1233
x-request-id: v-86a4b8f4-9409-11ec-93dd-574b7a5eed01
last-modified: Thu, 03 Feb 2022 17:26:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6e9664a09dbfe907-MXP
expires: Wed, 23 Mar 2022 19:59:47 GMT

GET
H2 200 404.bundle.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 406 B
404 B 57ms
57ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/404.bundle.js?2c5f80

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_IeOPnHELzTZcNK3nm2aFrevgNN7pyg4nbZfmW2J6PFE.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2cb383a30bee467e40ecebb49e4229b1b57efcc2c7632c921cd170a75c74d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1019914
x-cache: HIT
x-cache-hits: 57
x-ah-environment: prod
content-length: 263
x-request-id: v-86a52cf8-9409-11ec-97f4-eb14cea7673d
last-modified: Wed, 02 Feb 2022 10:05:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6e9664a09dc2e907-MXP
expires: Wed, 23 Mar 2022 19:59:47 GMT

GET
H2 200 27.bundle.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 503 B
563 B 74ms
74ms Script
application/javascript 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/27.bundle.js?998f5e

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_IeOPnHELzTZcNK3nm2aFrevgNN7pyg4nbZfmW2J6PFE.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7582f1ce2b50afe0c64f6da84ed7104462c073ef5d4d8054b1cc7cecf6da0f49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 561227
x-cache: HIT
x-cache-hits: 88
x-ah-environment: prod
content-length: 332
x-request-id: v-3e88c328-9416-11ec-abf2-bf3d7d375afe
last-modified: Wed, 02 Feb 2022 10:21:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6e9664a09dc3e907-MXP
expires: Wed, 23 Mar 2022 19:59:47 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ 360 KB
142 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84d00511d9ac2d60f4b43ad8dd4c237a8093c7a45f1e8da88f5c233866d408f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mandiant.com/
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145103
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 23:43:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 19:21:47 GMT

GET
H2 200 sm.23.html Show response
static.addtoany.com/menu/ Frame E123 741 B
554 B 137ms
136ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.23.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-type: text/html; charset=utf-8
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
last-modified: Wed, 22 Sep 2021 23:42:51 GMT
etag: W/"2e5-5cc9e128a4c38"
cache-control: max-age=315360000, immutable
vary: Accept-Encoding
via: e2s
cf-cache-status: HIT
age: 2397023
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6e9664a11fac0200-ZRH
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 46ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/v2/notice/eb5srz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e5e148a6482560efb2b4727dc197aec735495698a07578b5801814f869f72a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 18:06:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Mar 2022 19:59:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Mar 2022 19:59:47 GMT

GET
H2 200 ic-error.svg
consent.trustarc.com/v2/asset/ 5 KB
1 KB 14ms
14ms Image
image/svg+xml 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/v2/asset/ic-error.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

openresty/1.15.8.2 /

Resource Hash

5ea56ed1ed92d89dd6e8a23316891c8af7cd2150977d2e8431bd0e97c0cf5282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Wed, 09 Mar 2022 19:34:31 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2019 06:14:12 GMT
server: openresty/1.15.8.2
age: 1591
vary: Accept-Encoding, Origin
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
via: 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: DarIDMmdJ3U5m3Twp0dK6uROd3tK-E8jk60u7-Zbkr-yrC8jmtYbAA==

GET
H2 200 ic-close-white.svg
consent.trustarc.com/v2/asset/ 7 KB
2 KB 14ms
14ms Image
image/svg+xml 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/v2/asset/ic-close-white.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

openresty/1.15.8.2 /

Resource Hash

da0d9dec187414eaac184877e362bfd09ac956b2ab490b6adbb525af80fb3d6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Wed, 09 Mar 2022 19:34:31 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2019 06:14:09 GMT
server: openresty/1.15.8.2
age: 1552
vary: Accept-Encoding, Origin
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
via: 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: J9-4zk-WM0kPmAErdsUNij3R3kOBg1Gw6z4IgTtue1byVRNAMdSWPA==

GET
H2 200 ic-close.svg
consent.trustarc.com/v2/asset/ 6 KB
1 KB 14ms
14ms Image
image/svg+xml 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/v2/asset/ic-close.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

openresty/1.15.8.2 /

Resource Hash

78060c93ee6a407478d39e1e16807b576ea320f5641a34d5f043c7de399a418e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Wed, 09 Mar 2022 19:56:38 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2019 06:14:11 GMT
server: openresty/1.15.8.2
age: 385
vary: Accept-Encoding, Origin
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
via: 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: blWtzswLTEUFxi1ytq9DBBzT2KuGgo_8_Br2Zp0CM1D60DWDyO54sw==

GET
H2 200 trustarc-logo-xs.svg
consent.trustarc.com/v2/asset/ 3 KB
2 KB 14ms
14ms Image
image/svg+xml 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/v2/asset/trustarc-logo-xs.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

openresty/1.15.8.2 /

Resource Hash

fad03d5343f00671f67d8e92a6c1e243f4b45e4f7a09d11c6d170665ae52d03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Wed, 09 Mar 2022 19:08:48 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 02:29:33 GMT
server: openresty/1.15.8.2
age: 3099
vary: Accept-Encoding, Origin
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
via: 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: zvDAEGDpXGaXYPTm_D82QMrojUHSk6i30BQ0ZTepd8RtT_of85-_dw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 340 KB
91 KB 72ms
44ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/google_tag/google_tag_manager/google_tag.script.js?r8hphl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d66146075dec94ae99d1566e3dcf3516fd046e6e70dd707006499ebc30dd344

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92887
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 18:30:01 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Mar 2022 19:59:47 GMT

GET
H2 200 arrow.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 231 B
308 B 43ms
43ms Image
image/svg+xml 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/arrow.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fb5773c79513b946ce84fd7a066040235e6eb5855549404f2a8bd361e3840bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_Mk9c-dv-96Lgyc7NIn98oDURt-MFyQJux3XPpKmGiQo.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 613343
x-cache: HIT
x-cache-hits: 71
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-8704b04c-9409-11ec-9bc3-73234070dfe2
last-modified: Wed, 02 Feb 2022 10:21:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 6e9664a11e72e907-MXP
expires: Wed, 23 Mar 2022 19:59:47 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ 13 KB
13 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 18:03:30 GMT
x-content-type-options: nosniff
age: 6977
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:39:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 18:03:30 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 172 KB
63 KB 42ms
27ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79b5d94138554418bb68f90902cfbe345978a0ac838b94551c34a57ba9ee2b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64741
x-xss-protection: 0
expires: Wed, 09 Mar 2022 19:59:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1494
date: Wed, 09 Mar 2022 19:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 09 Mar 2022 21:34:53 GMT

GET
H2 200 9733b1e1169991b694a1ddb4dc45463acc83618f.js Show response
my.hellobar.com/ 32 KB
6 KB 279ms
250ms Script
text/javascript 2606:4700:10::ac43:2be9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/9733b1e1169991b694a1ddb4dc45463acc83618f.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2be9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fd01b7669f94eb36efaac635e0a1aad0c62aa32acf00a1663b5591ce8ca0ba5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 09 Mar 2022 06:07:36 GMT
server: cloudflare
x-amz-request-id: X1TZAKCNB34DEREB
etag: W/"73017bc1ba1f39125f3f2ca8d773e238"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400, must-revalidate, proxy-revalidate, s-maxage=10
cf-ray: 6e9664a1cda7cc4e-ZRH
x-amz-id-2: ISf8my0rwTufeo+AdHRNRcy5YztpCRAwQScEcBhbhdjUQv2MaXGOi/GcLPW2Z4aYEkrqssQTefM=
cf-bgj: minify

GET
H2 200 forms2.css
www2.mandiant.com/js/forms2/css/ 13 KB
3 KB 128ms
128ms Stylesheet
text/css 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.mandiant.com/js/forms2/css/forms2.css

Requested by

Host: www2.mandiant.com
URL: https://www2.mandiant.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding
content-length: 2623
last-modified: Wed, 12 Jan 2022 18:47:30 GMT
server: cloudflare
etag: "2a02c88-3437-5d567007b9480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6e9664a2d9439b37-FRA
expires: Wed, 09 Mar 2022 23:59:47 GMT

GET
H2 200 forms2-theme-simple.css
www2.mandiant.com/js/forms2/css/ 826 B
541 B 126ms
125ms Stylesheet
text/css 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.mandiant.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: www2.mandiant.com
URL: https://www2.mandiant.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 12 Jan 2022 18:47:30 GMT
server: cloudflare
etag: "52165e-33a-5d567007b9480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6e9664a2d9489b37-FRA
content-length: 242
expires: Wed, 09 Mar 2022 23:59:47 GMT

GET
H2 200 modules.js Show response
my.hellobar.com/ 251 KB
73 KB 42ms
41ms Script
text/javascript 2606:4700:10::ac43:2be9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.hellobar.com/modules.js
Requested by: Host: my.hellobar.com
URL: https://my.hellobar.com/9733b1e1169991b694a1ddb4dc45463acc83618f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2be9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c1f7185d8bbe632d4d50c3636c1995131ed4a7fce9075870d0365aeabc238e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 5335
cf-polished: origSize=257701
x-amz-request-id: 2VY0MPGQNHPVXBKA
x-amz-id-2: +B6shaPiEpHiUqtbymtOi+8aRnMV8Y4T7dyKC3jSfuC4nR6JND7/BFparQ0/+UcYO4hN550xyM4=
last-modified: Sat, 22 Jan 2022 17:06:52 GMT
server: cloudflare
etag: W/"528f8fc510b37ae1e74264ecd209615b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 6e9664a35f9acc4e-ZRH
cf-bgj: minify

GET
H2 200 nr-1215.min.js Show response
js-agent.newrelic.com/ 36 KB
14 KB 26ms
8ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1215.min.js
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=NTY1LVBFSS05NTIAAAGDDnAlg5-eiLc3wvITTZetmKwVRgKaOvoN4w00fJm8A822IpUssi0l-BCLUJwwV9dzz587WQOnTvk92koI-_1Zk1QXoGZQrTvHf3cDzg-o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: mrZZlI3m.d3cabi4HqLBBkr4pQ2c77UF
content-encoding: gzip
etag: "615035bb6557b191e767e19087efabaf"
x-amz-request-id: 5V8481H3KYZ73KWT
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 13666
x-amz-id-2: L9TcLkDPeWSt1mSkzTWMU6oeGB0FG+V/Eyp/CIr3yfn6DkLfmlPsdufotEmRgw2rfeGCoSQSKSs=
x-served-by: cache-hhn4021-HHN
last-modified: Mon, 24 Jan 2022 22:13:53 GMT
server: AmazonS3
x-timer: S1646855988.882214,VS0,VE0
date: Wed, 09 Mar 2022 19:59:47 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4768

GET
H2 200 init Show response
ff.d41.co/v1/ 46 B
822 B 530ms
482ms Fetch
application/json 104.126.37.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ff.d41.co/v1/init?req=vff4596

Requested by

Host: cdn-0.d41.co
URL: https://cdn-0.d41.co/tags/ff-3.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-161.deploy.static.akamaitechnologies.com

Software

Resource Hash

6e3a2af1c4e7d2f22c1570278176233275c743e5ea780e55b715f609fdb0d965

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 19:59:48 GMT
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
x-xss-protection: 1
cache-control: no-cache, no-store, max-age=0
strict-transport-security: max-age=15768000 ; includeSubDomains
content-length: 46
x-content-type-options: nosniff
expires: 0

GET
H2 200 ZSM2yap3Uzhft78LqAuyMc
play.vidyard.com/ 0
2 KB 34ms
7ms Other
text/html 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.38&type=inline

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.mandiant.com/
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: gzip
age: 169491
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 1464
x-served-by: cache-hhn4074-HHN
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1646855988.893521,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"dd6-IAvbllKRL8vduIBr7NSDwBc8Qyk"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/html; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 ZSM2yap3Uzhft78LqAuyMc Show response
play.vidyard.com/ Frame 46AB 3 KB
2 KB 8ms
8ms Document
text/html 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.38&type=inline

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

179b17c8b1a8b7a598b7eb7de0a3a6df78a0aebe9fb10faac94d3cedb15a04e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=NTY1LVBFSS05NTIAAAGDDnAlg5-eiLc3wvITTZetmKwVRgKaOvoN4w00fJm8A822IpUssi0l-BCLUJwwV9dzz587WQOnTvk92koI-_1Zk1QXoGZQrTvHf3cDzg-o

Response headers

content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-frame-options: ALLOWALL
cache-control: no-store, no-cache, must-revalidate
etag: W/"dd6-IAvbllKRL8vduIBr7NSDwBc8Qyk"
x-china: 0
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Mar 2022 19:59:47 GMT
via: 1.1 varnish
age: 169491
x-served-by: cache-hhn4082-HHN
x-cache: HIT
x-cache-hits: 1
x-timer: S1646855988.869551,VS0,VE1
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 1464

GET
H2 200 style.js Show response
play.vidyard.com/v4/ZSM2yap3Uzhft78LqAuyMc/ 176 B
285 B 8ms
7ms Script
text/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/ZSM2yap3Uzhft78LqAuyMc/style.js?callback=window.VidyardV4.jsonp.style_ZSM2yap3Uzhft78LqAuyMc.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5bb38afdb0c9c4ca64d4a65799e3fffa4e61b7ef89db4446c0d253144e8d97b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169490
x-cache: HIT
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-length: 136
via: 1.1 varnish
x-served-by: cache-hhn4082-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1646855988.869614,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"b0-Gim8N4l53SYDTcB6WDl+PFCqSmo"
strict-transport-security: max-age=31557600
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 integrations.js Show response
play.vidyard.com/v4/ZSM2yap3Uzhft78LqAuyMc/ 177 B
234 B 7ms
7ms Script
text/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/ZSM2yap3Uzhft78LqAuyMc/integrations.js?callback=window.VidyardV4.jsonp.integrations_ZSM2yap3Uzhft78LqAuyMc.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34c46b15cfffa74a904d1e30caf51b908406654144fb476d51301b701a240199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110467
x-cache: HIT
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-length: 133
via: 1.1 varnish
x-served-by: cache-hhn4082-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1646855988.871054,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"b1-yWAAgTE5v27hfzCM//g3rYfv2GY"
strict-transport-security: max-age=31557600
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 details.js Show response
play.vidyard.com/v4/ZSM2yap3Uzhft78LqAuyMc/ 721 B
666 B 7ms
7ms Script
text/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/ZSM2yap3Uzhft78LqAuyMc/details.js?callback=window.VidyardV4.jsonp.details_ZSM2yap3Uzhft78LqAuyMc.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

be0807b2d562082eaee06985a3d8f1ffa3298e8777e134367cdbe5d75de7742f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169490
x-cache: HIT
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-length: 429
via: 1.1 varnish
x-served-by: cache-hhn4082-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1646855988.871336,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"2d1-nSg7xAVYZP+nu12wUdO58R/XHuw"
strict-transport-security: max-age=31557600
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 XDFrame Show response
www2.mandiant.com/index.php/form/ Frame D467 2 KB
963 B 135ms
135ms Document
text/html 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.mandiant.com/index.php/form/XDFrame

Requested by

Host: www2.mandiant.com
URL: https://www2.mandiant.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13a35f6809ebd06635401be41681b52dd7f36d45fd6624e75ab5ce909419d427

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

date: Wed, 09 Mar 2022 19:59:48 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=3600
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e9664a47d079b37-FRA
content-encoding: gzip

GET
H2 200 api.js Show response
play.vidyard.com/v0/ 19 KB
7 KB 6ms
6ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v0/api.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6980eadbd6f6d6233ea9b987e9ae462b25726871e9797c51e0d550aef3cc861d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
via: 1.1 varnish
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
age: 1611
x-cache: HIT
content-encoding: gzip
content-length: 7168
x-served-by: cache-hhn4082-HHN
x-china: 0
last-modified: Fri, 30 Apr 2021 19:42:10 GMT
x-timer: S1646855988.919280,VS0,VE0
etag: "7b874dd3eb596697c6d49ba7ed6880f8"
strict-transport-security: max-age=31557600
content-type: application/javascript
accept-ranges: bytes
x-cache-hits: 2

GET anchor
www.google.com/recaptcha/api2/ Frame 9DDA 0
0

GET anchor
www.google.com/recaptcha/api2/ Frame 18D2 0
0

GET
DATA 200
OK truncated
/ Frame 6948 1 KB
1 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74d1f7e06069feded1f0c7c2c8a35b5c5194f66ff98d7b4309446effd0495728

Request headers

Referer
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H3 200 css
fonts.googleapis.com/ Frame 6948 664 B
356 B 31ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: my.hellobar.com
URL: https://my.hellobar.com/modules.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 19:41:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Mar 2022 19:59:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Mar 2022 19:59:47 GMT

GET
H2 200 6YFFuUwZEGvnvnN6MQXaEqlWr3mDDrvS8-vF83QEpS6p
hi.hellobar.com/v/9GhS0Yr69Fvqii0hqwPMup-_Vfs/ 35 B
361 B 568ms
543ms Image
image/gif 2600:9000:2156:f200:1b:45dc:7080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.hellobar.com/v/9GhS0Yr69Fvqii0hqwPMup-_Vfs/6YFFuUwZEGvnvnN6MQXaEqlWr3mDDrvS8-vF83QEpS6p?t=1646855988&v=a2d8c9f0-1da4-4c9b-e95e-9f8c1e6516c0&f=i&s=5156e5d150c130c3079ace8534cb58b5da48b5d8877d7307b5705d69403bf38d1ddaa99c24cddaf7aea8e1b9e96876a54db307627bc60da8c0680a68baf84410
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f200:1b:45dc:7080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 17:34:27 GMT
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified: Tue, 10 Apr 2018 13:15:02 GMT
server: AmazonS3
age: 52944
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Error from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 35
x-amz-cf-id: fObMyo2W4n2wvYK1CT71ERhp5rIvIic-GgHvW5ur_lqs85jAyZCg3g==

GET
H2 200 runtime~main-c7ef4ba48432df9c1b0c3f02961d0311.js Show response
assets.vidyard.com/play/js/ Frame 46AB 7 KB
2 KB 15ms
6ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/runtime~main-c7ef4ba48432df9c1b0c3f02961d0311.js
Requested by: Host: play.vidyard.com
URL: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.38&type=inline
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c512a7262791ce6e5ba1f158ffe38ab183c5e1096f2b3cccb68fe947be49a8b0

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.38&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: br
vary: Accept-Encoding
age: 171248
x-cache: HIT
content-length: 2257
via: 1.1 varnish
x-served-by: cache-hhn4074-HHN
last-modified: Mon, 07 Mar 2022 20:24:48 GMT
x-timer: S1646855988.985703,VS0,VE0
etag: "c039cd9cdee54b0c32148f5e861fd2c4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2310

GET
H2 200 main-9c0fd7aa233ac1336e2f034fe6750cf5.js Show response
assets.vidyard.com/play/js/ Frame 46AB 101 KB
13 KB 15ms
7ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/main-9c0fd7aa233ac1336e2f034fe6750cf5.js
Requested by: Host: play.vidyard.com
URL: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.38&type=inline
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7e29f05cdaf7b963f32f3698d836e7bb13e89bf7f67d60573cd3bcdf050ffe53

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.38&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:47 GMT
content-encoding: br
vary: Accept-Encoding
age: 3713518
x-cache: HIT
content-length: 13467
via: 1.1 varnish
x-served-by: cache-hhn4074-HHN
last-modified: Tue, 25 Jan 2022 20:26:17 GMT
x-timer: S1646855988.985970,VS0,VE0
etag: "f949283d55718b28aca2963980696c86"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 19071

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame F4C3 43 KB
22 KB 33ms
32ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=normal&cb=x60uqbao7j9

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_RtYGCnmFI3sNPE7gLz7cHCEkNzEHEs-SvlzaZvVIOos.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0550ed65bf5986af4670422ba6d62355bb95e159a9b3b484044f9548ad38879e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qdd5MKbGkjrLmDw5iHblzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 09 Mar 2022 19:59:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-qdd5MKbGkjrLmDw5iHblzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22617
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 6C14 43 KB
22 KB 31ms
31ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=compact&cb=pqztai87fb23

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_RtYGCnmFI3sNPE7gLz7cHCEkNzEHEs-SvlzaZvVIOos.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4b4dfa4a3070ad41cf8b0d8aa0a0f670f670458bd0d2a6c746a7bc6c2eaea106

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qRV2O9FQrhvcoVcRKZFOqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 09 Mar 2022 19:59:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-qRV2O9FQrhvcoVcRKZFOqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22642
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 google-cloud-22px.png
www.mandiant.com/sites/default/files/2022-03/ Frame 6948 2 KB
2 KB 40ms
39ms Image
image/png 2606:4700:300b::a29f:f07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/2022-03/google-cloud-22px.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d9ba14f6b6a19689abbf49bd5b8b03413896d8557a1cc641128334b429b8f36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:48 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 84543
x-cache: HIT
x-cache-hits: 54
x-ah-environment: prod
content-length: 1708
x-request-id: v-cca59b00-9f19-11ec-ac3d-2f1626fbeab4
last-modified: Tue, 08 Mar 2022 19:55:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6e9664a4fbb7e907-MXP
expires: Wed, 23 Mar 2022 19:59:48 GMT

GET
H/1.1 200
OK NRJS-890ead692fb1e944fb6 Show response
bam.nr-data.net/1/ 57 B
322 B 444ms
108ms Script
text/javascript 162.247.242.32
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-890ead692fb1e944fb6?a=1404479750&v=1215.1253ab8&to=YlRVYERZV0ZSWhINX1sedldCUVZbHH0UEUBUXWtaWVxcaXBWCBBCWl1bUURkd1pXXDANVUJyWFpCSlZZX1wUSQ5DWFJD&rst=2106&ck=1&ref=https://www.mandiant.com/advantage/threat-intelligence/free-version&ap=381&be=1015&fe=1970&dc=1425&perf=%7B%22timing%22:%7B%22of%22:1646855985889,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:10,%22c%22:10,%22s%22:29,%22ce%22:56,%22rq%22:56,%22rp%22:996,%22rpe%22:1095,%22dl%22:999,%22di%22:1425,%22ds%22:1425,%22de%22:1452,%22dc%22:1971,%22l%22:1971,%22le%22:1985%7D,%22navigation%22:%7B%7D%7D&fp=1138&fcp=1138&at=ThNWFgxDREg%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1215.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.32 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: service.newrelic.co.nz
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame 6948 23 KB
23 KB 26ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 1758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 19:30:30 GMT

GET
H2 200 progress-events.js Show response
play.vidyard.com/v1/ 14 KB
6 KB 408ms
408ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v1/progress-events.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d41161f7d77d059a8d35b55c36d765021a1300521eeffd57097df8df3322a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:48 GMT
via: 1.1 varnish
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
age: 0
x-cache: MISS
content-encoding: gzip
content-length: 5481
x-served-by: cache-hhn4082-HHN
x-china: 0
last-modified: Fri, 30 Apr 2021 19:42:10 GMT
x-timer: S1646855988.010005,VS0,VE401
etag: "5823d0929a8e2e520236508c08ba757c"
strict-transport-security: max-age=31557600
content-type: application/javascript
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 ZSM2yap3Uzhft78LqAuyMc.json Show response
play.vidyard.com/player/ Frame 46AB 7 KB
3 KB 10ms
9ms Fetch
application/json 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/player/ZSM2yap3Uzhft78LqAuyMc.json?disable_popouts=1&v=4.2.38&type=inline

Requested by

Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-9c0fd7aa233ac1336e2f034fe6750cf5.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

59c6a72515482248aa2f0514d4bad4888a1839ca43385137801557391bbc4d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.38&type=inline
referrer: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=NTY1LVBFSS05NTIAAAGDDnAlg5-eiLc3wvITTZetmKwVRgKaOvoN4w00fJm8A822IpUssi0l-BCLUJwwV9dzz587WQOnTvk92koI-_1Zk1QXoGZQrTvHf3cDzg-o
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:48 GMT
content-encoding: gzip
age: 169490
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 3042
x-served-by: cache-hhn4082-HHN
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1646855988.016631,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"1aa7-Arr49ioU35vokpUxS31dmItQymM"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: application/json; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2

200

441540270d5448e57af7b1.jpg
cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/
Redirect Chain

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc.jpg
https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg

31 KB
31 KB

8ms
7ms

Image
image/jpeg

93.184.221.26
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg
Protocol: H2
Server: 93.184.221.26 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F44) /
Resource Hash: 65867ea85abfa1983033b5a41d096b93216909fbb4e1b40ce385f5f59ef9757f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:48 GMT
x-cdn: edgecast
age: 123677
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-request-id: GW2M72Z3W3JMG0MX
x-amz-id-2: 9bgR8//wYgOnN6j/CYIhb4fFdt/ECJxcE9l2rz3vZT5/e42ObXaXCgIbzdOaio2CABSe7qqzReo=
accept-ranges: bytes
last-modified: Tue, 10 Aug 2021 22:02:40 GMT
server: ECAcc (frc/8F44)
etag: "09c372482f3c326fb5c1843a299311cb"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: cl5WY7vxSLptLbC0e5yN1hAcwUJIA3i3
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
content-length: 31938
content-type: image/jpeg

Redirect headers

date: Wed, 09 Mar 2022 19:59:48 GMT
via: 1.1 varnish
age: 110469
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 106
x-served-by: cache-hhn4082-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
location: https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg
x-timer: S1646855988.026881,VS0,VE0
x-frame-options: ALLOWALL
vary: Accept, X-ThumbnailAB, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 2

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 45ms
19ms Ping
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-X6642ZTDJ7&gtm=2oe370&_p=919920476&sr=1600x1200&gcs=G100&ul=en-us&cid=1114210972.1646855988&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DNTY1LVBFSS05NTIAAAGDDnAlg5-eiLc3wvITTZetmKwVRgKaOvoN4w00fJm8A822IpUssi0l-BCLUJwwV9dzz587WQOnTvk92koI-_1Zk1QXoGZQrTvHf3cDzg-o&dr=https%3A%2F%2Fpages.mandiant.com%2F&dt=Cyber%20Threat%20Intelligence%20%7C%20Mandiant%20Threat%20Intelligence%20Free&sid=1646855987&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 19:59:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandiant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 30ms
7ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=919920476&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DNTY1LVBFSS05NTIAAAGDDnAlg5-eiLc3wvITTZetmKwVRgKaOvoN4w00fJm8A822IpUssi0l-BCLUJwwV9dzz587WQOnTvk92koI-_1Zk1QXoGZQrTvHf3cDzg-o&dr=https%3A%2F%2Fpages.mandiant.com%2F&ul=en-us&de=UTF-8&dt=Cyber%20Threat%20Intelligence%20%7C%20Mandiant%20Threat%20Intelligence%20Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHAAgAABE~&cid=1114210972.1646855988&tid=UA-203244293-1&_gid=1523090694.1646855988&gtm=2wg370T72STLD&cg1=null&cg2=advantage&cd2=Pageview&cd3=1646855987442.ajyzfc9&cd4=2022-03-09T19%3A59%3A47.442%2B00%3A00&cd5=https%3A%2F%2Fpages.mandiant.com%2F&cd15=null&cd16=null&gcs=G100&cd1=1114210972.1646855988&z=2010670918

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 11:13:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31591
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 29ms
7ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=919920476&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DNTY1LVBFSS05NTIAAAGDDnAlg5-eiLc3wvITTZetmKwVRgKaOvoN4w00fJm8A822IpUssi0l-BCLUJwwV9dzz587WQOnTvk92koI-_1Zk1QXoGZQrTvHf3cDzg-o&dr=https%3A%2F%2Fpages.mandiant.com%2F&ul=en-us&de=UTF-8&dt=Cyber%20Threat%20Intelligence%20%7C%20Mandiant%20Threat%20Intelligence%20Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=trustarc&ea=banner_served&_u=aHgAgAABE~&cid=1114210972.1646855988&tid=UA-203244293-1&_gid=1102648640.1646855988&gtm=2wg370T72STLD&cg1=null&cg2=advantage&cd3=1646855987462.gqalmxmc&cd4=2022-03-09T19%3A59%3A47.462%2B00%3A00&cd5=https%3A%2F%2Fpages.mandiant.com%2F&cd15=null&cd16=null&gcs=G100&cd1=1114210972.1646855988&z=1220416212

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 11:13:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31591
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 28ms
6ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=919920476&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DNTY1LVBFSS05NTIAAAGDDnAlg5-eiLc3wvITTZetmKwVRgKaOvoN4w00fJm8A822IpUssi0l-BCLUJwwV9dzz587WQOnTvk92koI-_1Zk1QXoGZQrTvHf3cDzg-o&dr=https%3A%2F%2Fpages.mandiant.com%2F&ul=en-us&de=UTF-8&dt=Cyber%20Threat%20Intelligence%20%7C%20Mandiant%20Threat%20Intelligence%20Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=page%20scroll&ea=25%25&el=%2Fadvantage%2Fthreat-intelligence%2Ffree-version&_u=aHgAgAABE~&cid=1114210972.1646855988&tid=UA-203244293-1&_gid=1518946880.1646855988&gtm=2wg370T72STLD&cg1=null&cg2=advantage&cd2=Event&cd3=1646855987972.69r78rvv&cd4=2022-03-09T19%3A59%3A47.972%2B00%3A00&cd5=https%3A%2F%2Fpages.mandiant.com%2F&cd6=1019&cd15=null&cd16=null&gcs=G100&cd1=1114210972.1646855988&z=1767314587

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 11:13:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31591
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ Frame 6C14 51 KB
24 KB 32ms
11ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=compact&cb=pqztai87fb23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 16:24:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 23:43:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 16:24:29 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ Frame 6C14 360 KB
142 KB 27ms
8ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84d00511d9ac2d60f4b43ad8dd4c237a8093c7a45f1e8da88f5c233866d408f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145103
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 23:43:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 19:21:47 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ Frame F4C3 51 KB
24 KB 32ms
12ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 16:24:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 23:43:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 16:24:29 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ Frame F4C3 360 KB
142 KB 40ms
21ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84d00511d9ac2d60f4b43ad8dd4c237a8093c7a45f1e8da88f5c233866d408f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145103
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 23:43:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 19:21:47 GMT

GET
H2 200 vendors~player~player-pomo~unreleased-b754d1303e94af77bd2151009600e68d.js Show response
assets.vidyard.com/play/js/ Frame 46AB 158 KB
41 KB 9ms
8ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~player~player-pomo~unreleased-b754d1303e94af77bd2151009600e68d.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-c7ef4ba48432df9c1b0c3f02961d0311.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1546e9d934451ab3f126f17de73a918f13f4ab86df3a9a6f394e078db088e6b1

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.38&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:48 GMT
content-encoding: br
vary: Accept-Encoding
age: 620810
x-cache: HIT
content-length: 41533
via: 1.1 varnish
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 02 Mar 2022 15:31:55 GMT
x-timer: S1646855988.067159,VS0,VE0
etag: "d112b28ea8065398be48782e77f61a9b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 8965

GET
H2 200 vendors~access-code~player-pomo~whitelisted-embed-43fe5d53f21fdd17e29a1bfc191b8576.js Show response
assets.vidyard.com/play/js/ Frame 46AB 102 KB
29 KB 14ms
14ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~access-code~player-pomo~whitelisted-embed-43fe5d53f21fdd17e29a1bfc191b8576.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-c7ef4ba48432df9c1b0c3f02961d0311.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fa58e92b49fbcea03166bf7295f87aaea52b5c1791329c2c6d25b332ab071a1b

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.38&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:48 GMT
content-encoding: br
vary: Accept-Encoding
age: 2572316
x-cache: HIT
content-length: 29236
via: 1.1 varnish
x-served-by: cache-hhn4074-HHN
last-modified: Mon, 07 Feb 2022 16:04:13 GMT
x-timer: S1646855988.067440,VS0,VE0
etag: "b45ba840a7510a8b64ad23df33bc9f7f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 16408

GET
H2 200 vendors~player-pomo-d21bbec183e428c354dd30f60a236fce.js Show response
assets.vidyard.com/play/js/ Frame 46AB 613 KB
104 KB 16ms
16ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~player-pomo-d21bbec183e428c354dd30f60a236fce.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-c7ef4ba48432df9c1b0c3f02961d0311.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 237f8090348ad0ec9247910b506c22639fbab707f652694c4b675fdcae9cb674

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.38&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:48 GMT
content-encoding: br
vary: Accept-Encoding
age: 620810
x-cache: HIT
content-length: 106429
via: 1.1 varnish
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 02 Mar 2022 15:31:55 GMT
x-timer: S1646855988.067509,VS0,VE0
etag: "98bac87fdebdfcc4c31da3d1c8c865f8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 7985

GET
H2 200 player-pomo-e0b3ef2eed568512d7eb7a0faff954c1.css
assets.vidyard.com/play/stylesheets/ Frame 46AB 38 KB
8 KB 21ms
21ms Stylesheet
text/css 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/stylesheets/player-pomo-e0b3ef2eed568512d7eb7a0faff954c1.css
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-c7ef4ba48432df9c1b0c3f02961d0311.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7c5a099fceedb98e8cd19eec28efbba60f7d6f4aa7752f7c3059d98d3c4bc4f6

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.38&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:48 GMT
content-encoding: br
vary: Accept-Encoding
age: 171248
x-cache: HIT
content-length: 7527
via: 1.1 varnish
x-served-by: cache-hhn4074-HHN
last-modified: Mon, 07 Mar 2022 20:24:48 GMT
x-timer: S1646855988.068413,VS0,VE0
etag: "8dbab47f7cc8c09234ca2b31a96c2f49"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2058

GET
H2 200 player-pomo-e0b3ef2eed568512d7eb7a0faff954c1.js Show response
assets.vidyard.com/play/js/ Frame 46AB 258 KB
52 KB 21ms
21ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/player-pomo-e0b3ef2eed568512d7eb7a0faff954c1.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-c7ef4ba48432df9c1b0c3f02961d0311.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 74e673f1aa8262ad11b6a35651ec6ee45ee5a739677f62e3e11580f88cc7f373

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.38&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:48 GMT
content-encoding: br
vary: Accept-Encoding
age: 171248
x-cache: HIT
content-length: 52830
via: 1.1 varnish
x-served-by: cache-hhn4074-HHN
last-modified: Mon, 07 Mar 2022 20:24:48 GMT
x-timer: S1646855988.068492,VS0,VE0
etag: "f44de7c9f560d7a9038fa7b232b60816"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2076

GET
H2 200 forms2.min.js Show response
www2.mandiant.com/js/forms2/js/ Frame D467 205 KB
68 KB 49ms
35ms Script
application/x-javascript 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.mandiant.com/js/forms2/js/forms2.min.js

Requested by

Host: www2.mandiant.com
URL: https://www2.mandiant.com/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689a0237a95cfd8135f8da3ac79c430e903f3c542f8b862f68141c84c348c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www2.mandiant.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 12 Jan 2022 18:47:30 GMT
server: cloudflare
age: 1
etag: "2a02c81-33210-5d567007b9480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 6e9664a58f8e9b37-FRA
expires: Wed, 09 Mar 2022 23:59:48 GMT

GET
H2 200 ZSM2yap3Uzhft78LqAuyMc Show response
play.vidyard.com/video/ Frame 46AB 214 B
291 B 7ms
7ms XHR
application/json 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/video/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.38&type=inline

Requested by

Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-9c0fd7aa233ac1336e2f034fe6750cf5.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5a31c7c4c15f3963f51e3b3704ac1db7dcf7a6ac720e57d6bcf40d338863dd05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.38&type=inline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:48 GMT
content-encoding: gzip
age: 1256970
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 190
x-served-by: cache-hhn4082-HHN
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1646855988.162711,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"d6-+x/3JDVYUDboVOacHeFfvhn5Eo4"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: application/json; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 6-859d2cece83837e6e3fe1470b425a907.js Show response
assets.vidyard.com/play/js/ Frame 46AB 437 KB
98 KB 7ms
7ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/6-859d2cece83837e6e3fe1470b425a907.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-c7ef4ba48432df9c1b0c3f02961d0311.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 85fee71e0a0c8314149faf317b7b37b4740b13c680cf0db24b17584cb7b7f1e1

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.38&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:48 GMT
content-encoding: br
vary: Accept-Encoding
age: 2570816
x-cache: HIT
content-length: 99739
via: 1.1 varnish
x-served-by: cache-hhn4074-HHN
last-modified: Mon, 07 Feb 2022 16:04:12 GMT
x-timer: S1646855988.169756,VS0,VE0
etag: "f68dd33927eee73dc3a26280a3e061d9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 16046

GET
H2 200 35-181c057b72c29c37dab2111c1b087402.css
assets.vidyard.com/play/stylesheets/ Frame 46AB 181 B
212 B 8ms
7ms Stylesheet
text/css 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/stylesheets/35-181c057b72c29c37dab2111c1b087402.css
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-c7ef4ba48432df9c1b0c3f02961d0311.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b6320e221b61f50fdfee02e86288aca6b426795dd014c5add80fcef7632ac6f8

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.38&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:48 GMT
content-encoding: br
vary: Accept-Encoding
age: 171248
x-cache: HIT
content-length: 103
via: 1.1 varnish
x-served-by: cache-hhn4074-HHN
last-modified: Mon, 07 Mar 2022 20:24:48 GMT
x-timer: S1646855988.169916,VS0,VE0
etag: "5b8ad2d3286aa47c692cbb0bae4d9cc4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1742

GET
H2 200 35-181c057b72c29c37dab2111c1b087402.js Show response
assets.vidyard.com/play/js/ Frame 46AB 16 KB
4 KB 8ms
8ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/35-181c057b72c29c37dab2111c1b087402.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-c7ef4ba48432df9c1b0c3f02961d0311.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d825d95062f6d479fad4efafb2ab511c6d40e574da26a51db991fa40507a9646

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.38&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:48 GMT
content-encoding: br
vary: Accept-Encoding
age: 171248
x-cache: HIT
content-length: 4354
via: 1.1 varnish
x-served-by: cache-hhn4074-HHN
last-modified: Mon, 07 Mar 2022 20:24:48 GMT
x-timer: S1646855988.169985,VS0,VE0
etag: "059ee1f429d3cde55307d0e0e15f3213"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1755

GET
H2

200

441540270d5448e57af7b1.jpg
cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/ Frame 46AB
Redirect Chain

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc.jpg
https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg

31 KB
31 KB

7ms
7ms

Image
image/jpeg

93.184.221.26
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg
Protocol: H2
Server: 93.184.221.26 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F44) /
Resource Hash: 65867ea85abfa1983033b5a41d096b93216909fbb4e1b40ce385f5f59ef9757f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.38&type=inline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:48 GMT
x-cdn: edgecast
age: 123677
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-request-id: GW2M72Z3W3JMG0MX
x-amz-id-2: 9bgR8//wYgOnN6j/CYIhb4fFdt/ECJxcE9l2rz3vZT5/e42ObXaXCgIbzdOaio2CABSe7qqzReo=
accept-ranges: bytes
last-modified: Tue, 10 Aug 2021 22:02:40 GMT
server: ECAcc (frc/8F44)
etag: "09c372482f3c326fb5c1843a299311cb"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: cl5WY7vxSLptLbC0e5yN1hAcwUJIA3i3
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
content-length: 31938
content-type: image/jpeg

Redirect headers

date: Wed, 09 Mar 2022 19:59:48 GMT
via: 1.1 varnish
age: 110469
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 106
x-served-by: cache-hhn4082-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
location: https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg
x-timer: S1646855988.174861,VS0,VE0
x-frame-options: ALLOWALL
vary: Accept, X-ThumbnailAB, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 3

OPTIONS
H2 200 visitors
raw.vidyard.com/v2/ Frame 0
0 306ms
99ms Preflight
text/html 34.206.242.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/visitors
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.242.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-242-46.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://play.vidyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 19:59:48 GMT
content-type: text/html;charset=utf-8
content-length: 0
access-control-max-age: 86400
access-control-allow-origin: https://play.vidyard.com
access-control-allow-methods: POST, PUT
access-control-allow-headers: Content-Type, Accept, Origin
access-control-allow-credentials: true

POST
H2 200 visitors Show response
raw.vidyard.com/v2/ Frame 46AB 50 B
195 B 101ms
101ms XHR
application/json 34.206.242.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/visitors
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-9c0fd7aa233ac1336e2f034fe6750cf5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.242.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-242-46.compute-1.amazonaws.com
Software: /
Resource Hash: fd1db8a672f7f03ca86e495bb32be4f7ad4c2f30d87613cd9b4b76d59a7b21fb

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.38&type=inline
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://play.vidyard.com
date: Wed, 09 Mar 2022 19:59:48 GMT
x-vidyard-hostname: c6b5ea92eb44
content-length: 50
content-type: application/json; charset=utf-8

GET
DATA 200
OK truncated
/ Frame F4C3 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F4C3 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F4C3 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 03:05:30 GMT
x-content-type-options: nosniff
age: 60858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 16 Mar 2022 03:05:30 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F4C3 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 96787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Mar 2023 17:06:41 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame F4C3 102 B
134 B 16ms
16ms Other
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6e3d3c32ac7d28713d5d03e6317bc7135fd141a853dccbc4afb0dc4ca1649841

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=normal&cb=x60uqbao7j9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 09 Mar 2022 19:59:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 6C14 102 B
134 B 23ms
23ms Other
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6e3d3c32ac7d28713d5d03e6317bc7135fd141a853dccbc4afb0dc4ca1649841

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=compact&cb=pqztai87fb23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 09 Mar 2022 19:59:48 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 5642 7 KB
1 KB 20ms
20ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4c98cd36058ebdf8381f3d2f717989b0f4be1b56b754a7770c1bb927eb48d652

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NuwmKS1ORXlGcFrcCvUciA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 09 Mar 2022 19:59:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-NuwmKS1ORXlGcFrcCvUciA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1111
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 98DD 7 KB
1 KB 27ms
27ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

514e8a3b05c3851e21c9318da91a10f7b18dbebc4cf69fe9977cd7793d7c33e3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-giK4h5gsNxRjnEhM5NNtMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 09 Mar 2022 19:59:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-giK4h5gsNxRjnEhM5NNtMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1111
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 stream_master_7svCeAxuZBSRt2wTPXovaA.m3u8 Show response
cdn.vidyard.com/hls-videos/8Mq5tIGVA_VUZcSHjlwgZQ/ Frame 46AB 666 B
1 KB 26ms
8ms XHR
application/vnd.apple.mpegurl 93.184.221.26
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidyard.com/hls-videos/8Mq5tIGVA_VUZcSHjlwgZQ/stream_master_7svCeAxuZBSRt2wTPXovaA.m3u8?IlC8-ePEnl_kzO_874hl0ZwtPvS34cRp2i9rHQgsRnzR9afZiIZ9jSBcGF6SGf6XMgtTftYtqkirGZ2Ws5qCIKCqucFHwKNc7Ser28vf681xVaaeNDqoJExU8Vc2sSWVBhlmfGB9v5DCpk6YMVm8EDsJoXohPZ3cFPGxPUQ8LY5sqB5k0G3UajvQFwpxJbZ8GmZ0
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/6-859d2cece83837e6e3fe1470b425a907.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.26 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA1) /
Resource Hash: 6b75262dcc42f4ecb54a9fde84af21d6dbf93a6d46a8f2cc4e7f83b5324db9ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.38&type=inline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:59:48 GMT
x-cdn: edgecast
age: 326759
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-request-id: 5QZX6A5ZXMA8FQAN
x-amz-id-2: eyc45HFHjqv0ximqP60Od4MTUmRmQovIqK2Q+PThjBkC/I3S2UnE8FgqtzQmwxqORMhrtRs8iTM=
accept-ranges: bytes
last-modified: Tue, 10 Aug 2021 22:02:56 GMT
server: ECAcc (frc/8FA1)
etag: "4831024ba7699cf1aa197ac051b4a1d1"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: 5E6U0XgDryp8K72VQiIGFOqeY20ClVft
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
content-length: 666
content-type: application/vnd.apple.mpegurl

POST
H2 200 player_loads Show response
raw.vidyard.com/v2/ Frame 46AB 68 B
213 B 103ms
103ms XHR
application/json 34.206.242.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/player_loads
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-9c0fd7aa233ac1336e2f034fe6750cf5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.242.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-242-46.compute-1.amazonaws.com
Software: /
Resource Hash: 6fd22f5ac8d9e6fb80e320290814c4db425b686ff36970798184b502d99b4fbf

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.38&type=inline
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://play.vidyard.com
date: Wed, 09 Mar 2022 19:59:48 GMT
x-vidyard-hostname: 4328a5ab4717
content-length: 68
content-type: application/json; charset=utf-8

OPTIONS
H2 200 player_loads
raw.vidyard.com/v2/ Frame 0
0 100ms
100ms Preflight
text/html 34.206.242.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/player_loads
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.242.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-242-46.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://play.vidyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 19:59:48 GMT
content-type: text/html;charset=utf-8
content-length: 0
access-control-max-age: 86400
access-control-allow-origin: https://play.vidyard.com
access-control-allow-methods: POST, PUT
access-control-allow-headers: Content-Type, Accept, Origin
access-control-allow-credentials: true

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ Frame 5642 51 KB
24 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 16:24:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 23:43:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 16:24:29 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ Frame 5642 360 KB
142 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84d00511d9ac2d60f4b43ad8dd4c237a8093c7a45f1e8da88f5c233866d408f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145103
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 23:43:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 19:21:47 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ Frame 98DD 51 KB
24 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 16:24:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 23:43:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 16:24:29 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ Frame 98DD 360 KB
142 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84d00511d9ac2d60f4b43ad8dd4c237a8093c7a45f1e8da88f5c233866d408f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145103
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 23:43:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 19:21:47 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=normal&cb=x60uqbao7j9

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=compact&cb=pqztai87fb23

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pages.mandiant.com/	1969-12-31 23:59:59	Name: BIGipServerab_mailtracking_80 Value: !CzhplPVpmCXCU2faQbCLRqc3TBcuikNAxkYv6JhgTHjFr9OceWXKX07rmdoiRHuvcawpNlhMBAP/360=
.pages.mandiant.com/	1970-01-20 01:27:37	Name: __cf_bm Value: lbZo5WmrO7vKNzH3kvLJbFqO_rBojuWUaq1oumqnHLc-1646855985-0-AT2ns0li5+XhzxQCJ6xAGEAGuqP5Ud2Nsx9etksHX5eGkmY/TGZOVvVa39HvHeiwOF4vfkItW98/ZZSb6XPQ8Cc=
.mandiant.com/	1970-01-20 01:27:37	Name: __cf_bm Value: WKLSOMpuF50IIFD64quEHU81497MUqpojinaqh3wG1Q-1646855986-0-Af08ctqsC0blsaE5Uv8LykKcN7zQ5VYvniw86vpxKZp85I4F0uMWDBGWETKG64F9JsW0tbwrds2raiU66fD3J3E=
www2.mandiant.com/	1969-12-31 23:59:59	Name: BIGipServerab24web-nginx-app_https Value: !gAKPY4flv9doO27aQbCLRqc3TBcuil/vYuZEvUH+GipwEiwBPGaMCYcSG4debfSJi2BDhBQBoYrPDzo=
.www2.mandiant.com/	1970-01-20 01:27:37	Name: __cf_bm Value: Si5jb4f9Ty6uvWVmZ5j4QzOkin19qIlSyQp.dahc8Gk-1646855988-0-AYDwVK03zosSNULo/tPl/1BONUxooaYvd7X7QR0G1dSLuounAk5H623scs3FEedmzK/27Jp8vFadg+N/dLNkYpc=
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 95fb1bdab74adb98

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
other	warning	URL: https://play.vidyard.com/embed/v4.js Message: Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.vidyard.com
bam.nr-data.net
cdn-0.d41.co
cdn.vidyard.com
cdnjs.cloudflare.com
consent.trustarc.com
ff.d41.co
fonts.googleapis.com
fonts.gstatic.com
hi.hellobar.com
js-agent.newrelic.com
my.hellobar.com
pages.mandiant.com
play.vidyard.com
raw.vidyard.com
static.addtoany.com
www.fireeye.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.mandiant.com
www2.mandiant.com
www.google.com
104.126.37.161
104.17.70.206
143.204.98.107
143.204.98.71
151.101.129.181
151.101.130.137
162.247.242.32
2600:9000:2156:f200:1b:45dc:7080:93a1
2606:4700:10::ac43:2794
2606:4700:10::ac43:2be9
2606:4700:300b::a29f:f07d
2606:4700:300b::a29f:f67d
2606:4700::6810:135e
2a00:1450:4001:803::2003
2a00:1450:4001:808::2008
2a00:1450:4001:80f::2004
2a00:1450:4001:810::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
34.206.242.46
93.184.221.26
05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d
0550ed65bf5986af4670422ba6d62355bb95e159a9b3b484044f9548ad38879e
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0d1049d86e454e70f1d3e650f3ec7dc009ebef2f7ec2e9f44b74cb290ed9e4d6
13a35f6809ebd06635401be41681b52dd7f36d45fd6624e75ab5ce909419d427
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
1546e9d934451ab3f126f17de73a918f13f4ab86df3a9a6f394e078db088e6b1
179b17c8b1a8b7a598b7eb7de0a3a6df78a0aebe9fb10faac94d3cedb15a04e5
18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb
1b9600459bb5ec64940c2d27208bf4f9fffdde86a99b1cb3c0d12b1ff7fb8ba1
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bb508d41bf1d0c5d56340c7df789b6589350a5f967e1fa937bee5c148d0cb0d
1d66146075dec94ae99d1566e3dcf3516fd046e6e70dd707006499ebc30dd344
21e38f9c710bcd365c34ade79b6685adebe034dee9ca0e276d97e65b627a3c51
237f8090348ad0ec9247910b506c22639fbab707f652694c4b675fdcae9cb674
248aa1d994b6b31b6c38f19c98e2c8c275c799c49f0a6169b8f6fb7e51d38d23
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2689a0237a95cfd8135f8da3ac79c430e903f3c542f8b862f68141c84c348c43
2d9ba14f6b6a19689abbf49bd5b8b03413896d8557a1cc641128334b429b8f36
324f5cf9dbfef7a2e0c9cecd227f7ca03511b7e305c9026ec775cfa4a986890a
34c46b15cfffa74a904d1e30caf51b908406654144fb476d51301b701a240199
34e89fde702aa592d82afbb8d98034150cb3a2e6bd67a922af1edd106cf87fe8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
453ef40e8581def8d424971f68e5a9586b5799944b815e6ef2c0b1c8a45b4326
4694bfd9721d7d0e5378f47467ffebb3b4c991685daedb44351497de1285f822
46d6060a7985237b0d3c4ee02f3edc1c212437310712cf92be5cda66f5483a8b
4aa634ff603b82270844bf4f7af48701d5d8b53685245b7b8aadeeaa7c737e79
4b4dfa4a3070ad41cf8b0d8aa0a0f670f670458bd0d2a6c746a7bc6c2eaea106
4c98cd36058ebdf8381f3d2f717989b0f4be1b56b754a7770c1bb927eb48d652
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
4fd01b7669f94eb36efaac635e0a1aad0c62aa32acf00a1663b5591ce8ca0ba5
514e8a3b05c3851e21c9318da91a10f7b18dbebc4cf69fe9977cd7793d7c33e3
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
59c6a72515482248aa2f0514d4bad4888a1839ca43385137801557391bbc4d80
5a31c7c4c15f3963f51e3b3704ac1db7dcf7a6ac720e57d6bcf40d338863dd05
5bb38afdb0c9c4ca64d4a65799e3fffa4e61b7ef89db4446c0d253144e8d97b9
5ea56ed1ed92d89dd6e8a23316891c8af7cd2150977d2e8431bd0e97c0cf5282
65867ea85abfa1983033b5a41d096b93216909fbb4e1b40ce385f5f59ef9757f
6980eadbd6f6d6233ea9b987e9ae462b25726871e9797c51e0d550aef3cc861d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b75262dcc42f4ecb54a9fde84af21d6dbf93a6d46a8f2cc4e7f83b5324db9ca
6d41161f7d77d059a8d35b55c36d765021a1300521eeffd57097df8df3322a90
6e3a2af1c4e7d2f22c1570278176233275c743e5ea780e55b715f609fdb0d965
6e3d3c32ac7d28713d5d03e6317bc7135fd141a853dccbc4afb0dc4ca1649841
6fd22f5ac8d9e6fb80e320290814c4db425b686ff36970798184b502d99b4fbf
74d1f7e06069feded1f0c7c2c8a35b5c5194f66ff98d7b4309446effd0495728
74e673f1aa8262ad11b6a35651ec6ee45ee5a739677f62e3e11580f88cc7f373
7582f1ce2b50afe0c64f6da84ed7104462c073ef5d4d8054b1cc7cecf6da0f49
78060c93ee6a407478d39e1e16807b576ea320f5641a34d5f043c7de399a418e
79b5d94138554418bb68f90902cfbe345978a0ac838b94551c34a57ba9ee2b9d
7b7eb2b28fbf8ad29058540ee28e8b49701e0e47351ff25d3b688fcef9b2a88a
7c1f7185d8bbe632d4d50c3636c1995131ed4a7fce9075870d0365aeabc238e2
7c5a099fceedb98e8cd19eec28efbba60f7d6f4aa7752f7c3059d98d3c4bc4f6
7e29f05cdaf7b963f32f3698d836e7bb13e89bf7f67d60573cd3bcdf050ffe53
7e5e148a6482560efb2b4727dc197aec735495698a07578b5801814f869f72a9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d00511d9ac2d60f4b43ad8dd4c237a8093c7a45f1e8da88f5c233866d408f2
85fee71e0a0c8314149faf317b7b37b4740b13c680cf0db24b17584cb7b7f1e1
88cb9efe9226cab0669f7f6cdf082ec49a48a58f6411b69864b6f952928b979a
8fb5773c79513b946ce84fd7a066040235e6eb5855549404f2a8bd361e3840bf
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94c53cdd0a088291d77fb24a380f2539eb30db64845a3d70451012eb79a4a169
9537e3f5594de1f0ff9699c91ce421f2deb6db5929e7b7c5735deebbb6f3b214
9ca72eec4efadc4587d29f2216ccd9cd54309463c74a5a3029b3dca9485f995a
9ec192b1be13b5eb7d11e7c8a0f1466ef236e4ba88182bb4cec76a2c7919464e
9ee33831b0f69f4fd2300024df8f2488a4a7a4093cfcc5e28062e128308478f9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4b2001122dd39199bbfd92904833d9ba48cdeb06c053a24e4155771b2aa92a5
b2cb383a30bee467e40ecebb49e4229b1b57efcc2c7632c921cd170a75c74d24
b6320e221b61f50fdfee02e86288aca6b426795dd014c5add80fcef7632ac6f8
be0807b2d562082eaee06985a3d8f1ffa3298e8777e134367cdbe5d75de7742f
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c512a7262791ce6e5ba1f158ffe38ab183c5e1096f2b3cccb68fe947be49a8b0
c597aaf32cbc53e9d6278b59208ee483ed11337e756f38dffebf303c99ee9df8
c82aa23b61483cc87f28ec6c4492a28c46dcb38bf471fd4a6ca40984ee6fb59e
ce659473360379780a37f64a2f3609ea756953553032a6f7215f529641a2c2dc
d3ff514e976873b7081af527277e1320e912c98ba1406fa8701753def950b786
d825d95062f6d479fad4efafb2ab511c6d40e574da26a51db991fa40507a9646
da0d9dec187414eaac184877e362bfd09ac956b2ab490b6adbb525af80fb3d6a
dd7e80c5f3390f1810ce6c26f926fb89c162791615549c7a7f964d4c5112e0d0
dfaed587b938cc953c5008f257ed1e661e9d2e2f907bd5b520fc4b9348985a88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3db2a9223644ed048da912927deafff6534b8f5e59d3bdbd5abcc87fa489cb1
f16edf69b3b38abc839a83da5041cb4b2ed08b54017faa471b4e2da1cc8393c1
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
f269cafacd48c650b7c76973b7192a4593125d9b957bfa3b57a89e835ec0df1f
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fa58e92b49fbcea03166bf7295f87aaea52b5c1791329c2c6d25b332ab071a1b
fad03d5343f00671f67d8e92a6c1e243f4b45e4f7a09d11c6d170665ae52d03e
fd1db8a672f7f03ca86e495bb32be4f7ad4c2f30d87613cd9b4b76d59a7b21fb
fe3bfdac05de97234a1a81c7f09c87f14708cf7bd9a341a63e68613c3c6e40d6

www.mandiant.com Open in urlscan Pro 2606:4700:300b::a29f:f07d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

109 Requests

95 %HTTPS

57 %IPv6

15 Domains

23 Subdomains

22 IPs

4 Countries

2744 kBTransfer

7204 kBSize

6 Cookies

14 Outgoing links

Page URL History

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mandiant.com Open in urlscan Pro
2606:4700:300b::a29f:f07d Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

95 %
HTTPS

57 %
IPv6

15
Domains

23
Subdomains

22
IPs

4
Countries

2744 kB
Transfer

7204 kB
Size

6
Cookies

109 HTTP transactions
3 data transactions