www.mandiant.com Open in urlscan Pro
2606:4700:300b::a29f:f17d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAGBNGZWGnpNKZsEUPnfl04JMamWAMslrWCEg4XQ2FnF_R7G0jah1kPyr9wAn46K7dlFgf0md8w=
Effective URL:
https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGZWGoX-fX39l5S30FuOkq8pD...
Submission: On December 09 via manual (December 9th 2021, 3:03:51 am UTC) from HK — Scanned from DE

Summary HTTP 132 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 16 domains to perform 132 HTTP transactions. The main IP is 2606:4700:300b::a29f:f17d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mandiant.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 4th 2021. Valid for: a year.

This is the only time www.mandiant.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.73.206 104.17.73.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2606:4700:300... 2606:4700:300b::a29f:f17d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:300... 2606:4700:300b::a29f:f67d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.17.72.206 104.17.72.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.66.122.110 18.66.122.110	16509 (AMAZON-02) (AMAZON-02)
6 44	151.101.129.181 151.101.129.181	54113 (FASTLY) (FASTLY)
8	18.66.112.119 18.66.112.119	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:47c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	18.66.122.78 18.66.122.78	16509 (AMAZON-02) (AMAZON-02)
2	3.224.194.123 3.224.194.123	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	18.66.110.125 18.66.110.125	16509 (AMAZON-02) (AMAZON-02)
1	52.41.92.51 52.41.92.51	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	52.45.111.176 52.45.111.176	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	162.247.242.32 162.247.242.32	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
6	3.89.170.15 3.89.170.15	14618 (AMAZON-AES) (AMAZON-AES)
132	24

1 104.17.73.206 (None, )

ASN13335 (CLOUDFLARENET, US)

pages.fireeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:300b::a29f:f17d (United States)

ASN13335 (CLOUDFLARENET, US)

www.mandiant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:300b::a29f:f67d (United States)

ASN13335 (CLOUDFLARENET, US)

www.fireeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.72.206 (None, )

ASN13335 (CLOUDFLARENET, US)

www2.fireeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-110.fra60.r.cloudfront.net

cdn-0.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 151.101.129.181 (United States) 6 redirects

ASN54113 (FASTLY, US)

play.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.66.112.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-119.fra56.r.cloudfront.net

cdn.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.122.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-78.fra60.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.224.194.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-194-123.compute-1.amazonaws.com

vff4596.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.110.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-110-125.fra56.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.41.92.51 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-92-51.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.111.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-111-176.compute-1.amazonaws.com

ff.d41.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.32 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: service.newrelic.co.nz

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.89.170.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-89-170-15.compute-1.amazonaws.com

raw.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	vidyard.com 6 redirects play.vidyard.com cdn.vidyard.com assets.vidyard.com raw.vidyard.com	923 KB
26	mandiant.com www.mandiant.com	660 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com	803 KB
8	fireeye.com pages.fireeye.com www.fireeye.com www2.fireeye.com	147 KB
7	google.com www.google.com	45 KB
5	trustarc.com consent.trustarc.com	26 KB
5	d41.co cdn-0.d41.co vff4596.d41.co ff.d41.co	246 KB
4	google-analytics.com www.google-analytics.com	20 KB
2	segment.com cdn.segment.com	26 KB
2	googletagmanager.com www.googletagmanager.com	149 KB
2	addtoany.com static.addtoany.com	26 KB
1	nr-data.net bam.nr-data.net	322 B
1	newrelic.com js-agent.newrelic.com	13 KB
1	segment.io api.segment.io	143 B
1	googleapis.com fonts.googleapis.com	1 KB
1	cloudflare.com cdnjs.cloudflare.com	5 KB
132	16

	Domain	Requested by
26	www.mandiant.com	pages.fireeye.com www.mandiant.com
24	play.vidyard.com	6 redirects www.mandiant.com play.vidyard.com www.googletagmanager.com assets.vidyard.com
20	assets.vidyard.com	play.vidyard.com assets.vidyard.com
10	www.gstatic.com	www.google.com www.gstatic.com
8	cdn.vidyard.com	www.mandiant.com assets.vidyard.com
7	www.google.com	www.mandiant.com www.gstatic.com www.google.com
6	raw.vidyard.com	assets.vidyard.com
6	www2.fireeye.com	www.mandiant.com www2.fireeye.com
5	consent.trustarc.com	www.mandiant.com
4	www.google-analytics.com	www.googletagmanager.com www.mandiant.com
2	cdn.segment.com	pages.fireeye.com cdn.segment.com
2	fonts.gstatic.com	fonts.googleapis.com www.google.com
2	www.googletagmanager.com	www.mandiant.com www.googletagmanager.com
2	vff4596.d41.co	cdn-0.d41.co
2	static.addtoany.com	www.mandiant.com static.addtoany.com
2	cdn-0.d41.co	www.mandiant.com cdn-0.d41.co
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.mandiant.com
1	ff.d41.co	cdn-0.d41.co
1	api.segment.io	cdn.segment.com
1	fonts.googleapis.com	consent.trustarc.com
1	cdnjs.cloudflare.com	www.mandiant.com
1	www.fireeye.com	www.mandiant.com
1	pages.fireeye.com
132	24

This site contains links to these domains. Also see Links.

Domain
investors.mandiant.com
careers.smartrecruiters.com
login.mandiant.com
community.fireeye.com
partners.fireeye.com
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
trustarc.com

Subject Issuer	Validity	Valid
pages.fireeye.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
mandiant.com Cloudflare Inc ECC CA-3	`2021-11-04` - `2022-11-03`	a year	crt.sh
fireeye.com Cloudflare Inc ECC CA-3	`2021-12-07` - `2022-12-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
www2.fireeye.com Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
*.d41.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-18` - `2022-03-21`	a year	crt.sh
*.vidyard.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.segment.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-19` - `2022-08-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 11 frames:

Primary Page: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGZWGoX-fX39l5S30FuOkq8pDND4eRzvxMktlocrfO3qauH5IdSDgZR3QCL7jvJvHw41kRuclufxgYx-8x5h7EYCSnQsRW7ym_y4CvIZoqhm
Frame ID: 476D736362451B5469A3F4DDC076EB04
Requests: 77 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: 90BD5851DD67B50760268321FE87BB2E
Requests: 1 HTTP requests in this frame

Frame: https://www2.fireeye.com/index.php/form/XDFrame
Frame ID: CCF0115EA44A442D061AD0783262DC5E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=normal&cb=4z5p5oq0vdz2
Frame ID: 4EB3C7DF7AF5161E1AF8705AF19E57AA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=compact&cb=lexrgv9a9qvz
Frame ID: 0F06997ACBFED93FC0EE163920522D2C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=normal&cb=4z5p5oq0vdz2
Frame ID: 5D78473CD770F5EFB2D0B7B90AF916BE
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=compact&cb=lexrgv9a9qvz
Frame ID: 1C446290AEC2B0944C4CFFC36C6FB8E2
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Frame ID: C2EFB34A1595B960F7705C9A9CE45A90
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq
Frame ID: 70281C50F8E9FEA91F5CB9DB1CE062ED
Requests: 3 HTTP requests in this frame

Frame: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Frame ID: 378BFFC2E30B8C2DDD611A22F8B9C178
Requests: 16 HTTP requests in this frame

Frame: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Frame ID: BCE7A90DF8921777FED9D5706D5CE1A8
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cyber Threat Intelligence | Mandiant Threat Intelligence Free

Page URL History Show full URLs

https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAGBNGZWGnpNKZsEUPnfl04JMamWAMslrWCEg4XQ2FnF_R7G0jah1kPyr9wA... Page URL
https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGZWG... Page URL

Page Statistics

132
Requests

94 %
HTTPS

43 %
IPv6

16
Domains

24
Subdomains

24
IPs

3
Countries

3090 kB
Transfer

8438 kB
Size

7
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://investors.mandiant.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://careers.smartrecruiters.com/mandiant/all/
Title: Careers

Search URL Search Domain Scan URL

URL: https://login.mandiant.com/
Title: .userlayer-1{fill:none;stroke-miterlimit:10;stroke-width:15px}

Search URL Search Domain Scan URL

URL: https://community.fireeye.com/
Title: Community

Search URL Search Domain Scan URL

URL: https://partners.fireeye.com/English/
Title: Partner Portal

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Mandiant

Search URL Search Domain Scan URL

URL: https://twitter.com/Mandiant

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCexu0DP7VKdDByusuTA53FQ

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mandiant/

Search URL Search Domain Scan URL

URL: https://trustarc.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAGBNGZWGnpNKZsEUPnfl04JMamWAMslrWCEg4XQ2FnF_R7G0jah1kPyr9wAn46K7dlFgf0md8w= Page URL
https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGZWGoX-fX39l5S30FuOkq8pDND4eRzvxMktlocrfO3qauH5IdSDgZR3QCL7jvJvHw41kRuclufxgYx-8x5h7EYCSnQsRW7ym_y4CvIZoqhm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg

Request Chain 15

https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg

Request Chain 103

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg

Request Chain 105

https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg

Request Chain 119

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg

Request Chain 125

https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg

132 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 ODQ4LURJRC0yNDIAAAGBNGZWGnpNKZsEUPnfl04JMamWAMslrWCEg4XQ2FnF_R7G0jah1kPyr9wAn46K7dlFgf0md8w= Show response
pages.fireeye.com/ 508 B
982 B 285ms
204ms Document
text/html 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAGBNGZWGnpNKZsEUPnfl04JMamWAMslrWCEg4XQ2FnF_R7G0jah1kPyr9wAn46K7dlFgf0md8w=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd2577dc5b37fb9b07321dea2a9c726a35783efe9a54be72fce3b5072cff326f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 09 Dec 2021 03:03:46 GMT
content-type: text/html
cache-control: private, no-cache, no-store, max-age=0
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6bab0094bfdc54a5-MAN
content-encoding: gzip

GET
H2 200 Primary Request free-version Show response
www.mandiant.com/advantage/threat-intelligence/ 196 KB
56 KB 795ms
753ms Document
text/html 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGZWGoX-fX39l5S30FuOkq8pDND4eRzvxMktlocrfO3qauH5IdSDgZR3QCL7jvJvHw41kRuclufxgYx-8x5h7EYCSnQsRW7ym_y4CvIZoqhm

Requested by

Host: pages.fireeye.com
URL: https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAGBNGZWGnpNKZsEUPnfl04JMamWAMslrWCEg4XQ2FnF_R7G0jah1kPyr9wAn46K7dlFgf0md8w=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d751c00e5a17639661109f01c3dbcfd2b4d1590f22996a452cd9ba84f93dc77

Security Headers

Name	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://pages.fireeye.com/

Response headers

date: Thu, 09 Dec 2021 03:03:47 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=2764800, public
link: <https://www.mandiant.com/advantage/threat-intelligence/free-version>; rel="canonical" <https://www.mandiant.com/advantage/threat-intelligence/free-version>; rel="alternate"; hreflang="en" <https://www.mandiant.de/advantage/threat-intelligence/free-version>; rel="alternate"; hreflang="de" <https://www.mandiant.jp/advantage/threat-intelligence/free-version>; rel="alternate"; hreflang="ja" <https://www.mandiant.kr/advantage/threat-intelligence/free-version>; rel="alternate"; hreflang="ko" <https://www.mandiant.com/advantage/threat-intelligence/free-version>; rel="revision"
x-ua-compatible: IE=edge
content-language: en
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
permissions-policy: interest-cohort=()
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Thu, 09 Dec 2021 03:03:47 GMT
etag: "1639019027"
vary: Cookie,Accept-Encoding
content-security-policy: report-uri /report-csp-violation
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin
expect-ct: max-age=86400
content-encoding: gzip
x-request-id: v-a090177a-589c-11ec-9025-a794e71c03d9
x-ah-environment: prod
age: 0
via: varnish
x-cache: MISS
accept-ranges: bytes
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6bab00968a81599b-MXP

GET
H2 200 google_tag.script.js Show response
www.mandiant.com/sites/default/files/google_tag/google_tag_manager/ 348 B
423 B 43ms
42ms Script
application/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/google_tag/google_tag_manager/google_tag.script.js?r3thgu

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGZWGoX-fX39l5S30FuOkq8pDND4eRzvxMktlocrfO3qauH5IdSDgZR3QCL7jvJvHw41kRuclufxgYx-8x5h7EYCSnQsRW7ym_y4CvIZoqhm

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b7eb2b28fbf8ad29058540ee28e8b49701e0e47351ff25d3b688fcef9b2a88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17098
x-cache: HIT
x-cache-hits: 41
x-ah-environment: prod
content-length: 280
x-request-id: v-49a99798-5873-11ec-a6d0-b3b385484205
last-modified: Wed, 08 Dec 2021 22:07:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009b5e48599b-MXP
expires: Thu, 23 Dec 2021 03:03:47 GMT

GET
H2 200 css_G5YARZu17GSUDC0nIIv0-f_93oapmxyzwNErH_f7i6E.css
www.mandiant.com/sites/default/files/css/ 9 KB
3 KB 46ms
45ms Stylesheet
text/css 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_G5YARZu17GSUDC0nIIv0-f_93oapmxyzwNErH_f7i6E.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b9600459bb5ec64940c2d27208bf4f9fffdde86a99b1cb3c0d12b1ff7fb8ba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 511388
x-cache: HIT
x-cache-hits: 55
x-ah-environment: prod
content-length: 2495
x-request-id: v-dde4df5e-53a9-11ec-ab3c-23ed3651c287
last-modified: Mon, 08 Nov 2021 20:48:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009b5e4a599b-MXP
expires: Thu, 23 Dec 2021 03:03:47 GMT

GET
H2 200 clientlibs_recaptcha.min.css
www.fireeye.com/etc/designs/fireeye-www/ 649 B
1019 B 118ms
48ms Stylesheet
text/css 2606:4700:300b::a29f:f67d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fireeye.com/etc/designs/fireeye-www/clientlibs_recaptcha.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f67d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee33831b0f69f4fd2300024df8f2488a4a7a4093cfcc5e28062e128308478f9

Security Headers

Name	Value
Content-Security-Policy	worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://content.fireeye.com
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-dispatcher: dispatcher1uswest1
date: Thu, 09 Dec 2021 03:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2116
x-vhost: publish
vary: Accept-Encoding,User-Agent
content-length: 373
x-xss-protection: 1; mode=block
last-modified: Fri, 03 Dec 2021 19:13:52 GMT
server: cloudflare
x-frame-options: ALLOW-FROM https://content.fireeye.com
etag: "289-5d242b51ffc00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: public, max-age=14400
content-security-policy: worker-src blob: ; default-src https: data: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' http://fireeye.lookbookhq.com https://fireeye.lookbookhq.com http://content.fireeye.com https://content.fireeye.com
accept-ranges: bytes
cf-ray: 6bab009bcc323753-MXP
expires: Thu, 09 Dec 2021 07:03:47 GMT

GET
H2 200 css_BweRyY4MF3DKxwEjrIb8pucoG3rsHMgtQTr6NjXV5WA.css
www.mandiant.com/sites/default/files/css/ 1 KB
572 B 39ms
39ms Stylesheet
text/css 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_BweRyY4MF3DKxwEjrIb8pucoG3rsHMgtQTr6NjXV5WA.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

070791c98e0c1770cac70123ac86fca6e7281b7aec1cc82d413afa3635d5e560

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 542225
x-cache: HIT
x-cache-hits: 39
x-ah-environment: prod
content-length: 297
x-request-id: v-7c4e3fc4-53a9-11ec-bf7b-3728103fc156
last-modified: Thu, 18 Nov 2021 22:59:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009b5e4b599b-MXP
expires: Thu, 23 Dec 2021 03:03:47 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/ 23 KB
5 KB 51ms
17ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 541780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4364
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-5cbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4MGp5Mf1Yg6U%2F%2BPVIYveip3%2Frz%2FbQTweKLAaP0C0JOL1Dy4CR1j%2FSS9lNfv%2B%2Fa18zvMwlsQENirr7q3AO8pZiZ48%2FUglDOS%2F79ujq51kbShEj3H6jEdFLzX%2FHJnpdojANgJb%2BBDSR98Ag%2FIhDVcE7w6"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6bab009b8ad15c08-FRA
expires: Tue, 29 Nov 2022 03:03:47 GMT

GET
H2 200 css_JuaZYhYzTuce8L3JZ6j0GyZOs2h_5fEgIt5Rk2gSDFk.css
www.mandiant.com/sites/default/files/css/ 143 KB
21 KB 43ms
42ms Stylesheet
text/css 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_JuaZYhYzTuce8L3JZ6j0GyZOs2h_5fEgIt5Rk2gSDFk.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26e6996216334ee71ef0bdc967a8f41b264eb3687fe5f12022de519368120c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 543908
x-cache: HIT
x-cache-hits: 27
x-ah-environment: prod
content-length: 21680
x-request-id: v-d4a74f1c-53a9-11ec-b86e-fb77c80ecb69
last-modified: Mon, 08 Nov 2021 20:48:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009b5e4c599b-MXP
expires: Thu, 23 Dec 2021 03:03:47 GMT

GET
H2 200 css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css
www.mandiant.com/sites/default/files/css/ 205 KB
25 KB 40ms
39ms Stylesheet
text/css 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65be7e38d2dd34310f31924337a5960a7914ace32b18fc267f39736360c80e28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 214710
x-cache: HIT
x-cache-hits: 41
x-ah-environment: prod
content-length: 25598
x-request-id: v-15b39a96-56a8-11ec-93fb-e3ce9794db96
last-modified: Mon, 06 Dec 2021 15:20:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009b5e4d599b-MXP
expires: Thu, 23 Dec 2021 03:03:47 GMT

GET
H2 200 mndt-gen-tall-bg.jpg
www.mandiant.com/sites/default/files/2021-09/ 6 KB
6 KB 45ms
43ms Image
image/jpeg 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/2021-09/mndt-gen-tall-bg.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

185fd25b606e486fb8bec09f4a0f2e58bce5d9b140d4c6c19637758373d0cb05

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:47 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 511388
x-cache: HIT
last-modified: Mon, 27 Sep 2021 18:09:55 GMT
x-cache-hits: 49
x-ah-environment: prod
content-length: 5790
x-request-id: v-dde42546-53a9-11ec-8b16-cbce87559d5b
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009c2ee1599b-MXP
expires: Thu, 23 Dec 2021 03:03:47 GMT

GET
H2 200 forms2.min.js Show response
www2.fireeye.com/js/forms2/js/ 205 KB
68 KB 179ms
70ms Script
application/x-javascript 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.fireeye.com/js/forms2/js/forms2.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689a0237a95cfd8135f8da3ac79c430e903f3c542f8b862f68141c84c348c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 12 Oct 2021 18:01:53 GMT
server: cloudflare
age: 2303
etag: "4a08e3-33210-5ce2ba3f1c640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 6bab009c68a33607-MAN
expires: Thu, 09 Dec 2021 07:03:47 GMT

GET
H/1.1 200
OK ff-2.min.js Show response
cdn-0.d41.co/tags/ 169 KB
169 KB 78ms
34ms Script
application/javascript 18.66.122.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.d41.co/tags/ff-2.min.js
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGZWGoX-fX39l5S30FuOkq8pDND4eRzvxMktlocrfO3qauH5IdSDgZR3QCL7jvJvHw41kRuclufxgYx-8x5h7EYCSnQsRW7ym_y4CvIZoqhm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-110.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e111614ac18cf0c829a3dbfc6aff736c03536ec281330daf38e4bb3fb6ddfca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 03:01:20 GMT
Via: 1.1 2a6277094357eb47f8dbeacb06ed96c3.cloudfront.net (CloudFront)
Last-Modified: Tue, 24 Nov 2020 18:53:44 GMT
Server: AmazonS3
Age: 422
ETag: "da4912a78302efa0a3cb5d43a88f0e41"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P2
Accept-Ranges: bytes
Content-Length: 172705
X-Amz-Cf-Id: 0eTlZ8WDtH963tbeN0OqHMPEJOu1GIRnqzF70By61nwMh4OYKvsRtg==

GET
H2 200 v4.js Show response
play.vidyard.com/embed/ 71 KB
23 KB 99ms
38ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/embed/v4.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a29e92b61e28d33c457c5f690d3df6f5f7de9d40e2475eccd2e20ea9b35447d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:47 GMT
content-encoding: gzip
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
age: 15893
x-cache: HIT
x-cache-hits: 1
content-length: 23117
x-served-by: cache-hhn4046-HHN
x-china: 0
last-modified: Thu, 07 Oct 2021 20:52:13 GMT
etag: "bdf2778beb70cd0653688fd53c09f6e5"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

441540270d5448e57af7b1.jpg
cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/
Redirect Chain

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc.jpg
https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg

31 KB
32 KB

135ms
37ms

Image
image/jpeg

18.66.112.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGZWGoX-fX39l5S30FuOkq8pDND4eRzvxMktlocrfO3qauH5IdSDgZR3QCL7jvJvHw41kRuclufxgYx-8x5h7EYCSnQsRW7ym_y4CvIZoqhm
Protocol: H2
Server: 18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65867ea85abfa1983033b5a41d096b93216909fbb4e1b40ce385f5f59ef9757f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: cl5WY7vxSLptLbC0e5yN1hAcwUJIA3i3
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
etag: "09c372482f3c326fb5c1843a299311cb"
x-cdn: cloudfront
age: 16222
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31938
last-modified: Tue, 10 Aug 2021 22:02:40 GMT
server: AmazonS3
date: Wed, 08 Dec 2021 22:33:26 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-amz-cf-id: HSSpoWJ67XH_XK2TmIyh4_rK-9Em_BQd-ZHc9bU4iS_QgB60dto-Ug==

Redirect headers

date: Thu, 09 Dec 2021 03:03:47 GMT
via: 1.1 varnish
age: 170250
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 106
x-served-by: cache-hhn4046-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
location: https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg
x-timer: S1639019028.922671,VS0,VE1
x-frame-options: ALLOWALL
vary: Accept, X-ThumbnailAB, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 IDC_logo.png
www.mandiant.com/sites/default/files/2021-09/ 33 KB
33 KB 42ms
40ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/2021-09/IDC_logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9537e3f5594de1f0ff9699c91ce421f2deb6db5929e7b7c5735deebbb6f3b214

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:47 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 511388
x-cache: HIT
x-cache-hits: 48
x-ah-environment: prod
content-length: 33645
x-request-id: v-7cba3df0-53a9-11ec-b460-fb16b5402aad
last-modified: Sat, 25 Sep 2021 19:05:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009c2ee2599b-MXP
expires: Thu, 23 Dec 2021 03:03:47 GMT

GET
H2 200 MAN_Sandra_%20Joyce_headshot.jpg
www.mandiant.com/sites/default/files/2021-09/ 55 KB
55 KB 55ms
53ms Image
image/jpeg 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/2021-09/MAN_Sandra_%20Joyce_headshot.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae4e360b00b933d5c83d792b3cad8423b88cacb13d72bf9c965b730a704d4b00

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:47 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 542209
x-cache: HIT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 37
x-ah-environment: prod
content-length: 56278
x-request-id: v-7cb88302-53a9-11ec-95b1-7760fe7fc0dc
cf-bgj: h2pri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009c2ee3599b-MXP
expires: Thu, 23 Dec 2021 03:03:47 GMT

GET
H2

200

72c7c0397b3d11203ba8a8.jpg
cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/
Redirect Chain

https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx.jpg
https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg

37 KB
38 KB

146ms
58ms

Image
image/jpeg

18.66.112.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGZWGoX-fX39l5S30FuOkq8pDND4eRzvxMktlocrfO3qauH5IdSDgZR3QCL7jvJvHw41kRuclufxgYx-8x5h7EYCSnQsRW7ym_y4CvIZoqhm
Protocol: H2
Server: 18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 201a094b137fdd3a1ba4188dc6b516deed19d1478e98eafb228fd247629a291b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 19:43:14 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
x-cdn: cloudfront
age: 199235
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 38093
last-modified: Thu, 12 Aug 2021 21:28:14 GMT
server: AmazonS3
etag: "fac35442dc3f54400feda4067e98bdc9"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: .4W53FlrEOMwGZ_0xSp_2Ygzm.6IzDtB
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: 5S74p-dQ0VTpA_Whv1rcsRrF32CBqhA7AXDg38lCfLXc4x_HGab2gA==

Redirect headers

date: Thu, 09 Dec 2021 03:03:47 GMT
via: 1.1 varnish
age: 179201
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 106
x-served-by: cache-hhn4046-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
location: https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg
x-timer: S1639019028.922834,VS0,VE1
x-frame-options: ALLOWALL
vary: Accept, X-ThumbnailAB, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 js__zWLHjtkO5Qy3Slw8a_dqeWxAexSrVlUa1-AQ6AuCmE.js Show response
www.mandiant.com/sites/default/files/js/ 113 KB
39 KB 47ms
45ms Script
text/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/js/js__zWLHjtkO5Qy3Slw8a_dqeWxAexSrVlUa1-AQ6AuCmE.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff358b1e3b643b9432dd2970f1afdda9e5b101ec52ad59546b5f8043a02e0a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 511388
x-cache: HIT
x-cache-hits: 57
x-ah-environment: prod
content-length: 39817
x-request-id: v-d4a9a71c-53a9-11ec-ac44-8fceaf70d0db
last-modified: Thu, 18 Nov 2021 22:58:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009c2edf599b-MXP
expires: Thu, 23 Dec 2021 03:03:47 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 910 B
994 B 139ms
73ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

af893638a2d983d9d79b699ab8ae2f7f507a67c4bca1911b9a377a7c6f44a2e9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 1; mode=block
expires: Thu, 09 Dec 2021 03:03:47 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 72 KB
26 KB 142ms
75ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:47 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 153601
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 01 Dec 2021 08:23:25 GMT
server: cloudflare
etag: W/"11ee2-5d2116348919c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 6bab009c8cc9d6f5-FRA
cf-bgj: minify

GET
H2 200 js_DJqz5xCfQu-Yr7rUOOxgJ47K_FcWItixkKNccz28wPY.js Show response
www.mandiant.com/sites/default/files/js/ 174 KB
55 KB 51ms
49ms Script
text/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/sites/default/files/js/js_DJqz5xCfQu-Yr7rUOOxgJ47K_FcWItixkKNccz28wPY.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c9ab3e7109f42ef98afbad438ec60278ecafc571622d8b190a35c733dbcc0f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 543907
x-cache: HIT
x-cache-hits: 27
x-ah-environment: prod
content-length: 56326
x-request-id: v-d4a93db8-53a9-11ec-875f-dbb59d938f1d
last-modified: Thu, 18 Nov 2021 23:24:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009c2ee0599b-MXP
expires: Thu, 23 Dec 2021 03:03:47 GMT

GET
H2 200 eb5srz Show response
consent.trustarc.com/v2/notice/ 68 KB
20 KB 106ms
44ms Script
text/javascript 18.66.122.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.trustarc.com/v2/notice/eb5srz
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGZWGoX-fX39l5S30FuOkq8pDND4eRzvxMktlocrfO3qauH5IdSDgZR3QCL7jvJvHw41kRuclufxgYx-8x5h7EYCSnQsRW7ym_y4CvIZoqhm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-78.fra60.r.cloudfront.net
Software: openresty/1.15.8.2 /
Resource Hash: 4aa634ff603b82270844bf4f7af48701d5d8b53685245b7b8aadeeaa7c737e79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:11 GMT
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
server: openresty/1.15.8.2
age: 36
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: FRA60-P2
content-encoding: gzip
x-amz-cf-id: th-I9t00DFwYH1WczKmrPfTbnGnAHz__ZVC6ciHsZ3dTSJhaZkAooQ==

GET
H2 200 fontloader.built.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 7 KB
2 KB 41ms
40ms Script
application/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/fontloader.built.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88cb9efe9226cab0669f7f6cdf082ec49a48a58f6411b69864b6f952928b979a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 543907
x-cache: HIT
x-cache-hits: 23
x-ah-environment: prod
content-length: 2315
x-request-id: v-d50846dc-53a9-11ec-804c-7b9f7e47d771
last-modified: Tue, 28 Sep 2021 02:55:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009c2ee4599b-MXP
expires: Thu, 23 Dec 2021 03:03:47 GMT

GET
H2 200 arrow-red.svg
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/ 234 B
326 B 89ms
88ms Image
image/svg+xml 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/images/arrow-red.svg

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0eab324aea216ff6432155a5cdbd59b7c1429f7d27be852f9dd037c7ade0377c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:47 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 543907
x-cache: HIT
x-cache-hits: 23
x-ah-environment: prod
content-encoding: gzip
x-request-id: v-d51ecf7e-53a9-11ec-bdeb-d385e1693d25
last-modified: Thu, 26 Aug 2021 20:19:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 6bab009c2ee7599b-MXP
expires: Thu, 23 Dec 2021 03:03:47 GMT

GET
H2 200 Barlow-Regular.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 55 KB
55 KB 90ms
89ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Regular.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f269cafacd48c650b7c76973b7192a4593125d9b957bfa3b57a89e835ec0df1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:47 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 512962
x-cache: HIT
x-cache-hits: 115
x-ah-environment: prod
content-length: 56020
x-request-id: v-d55da316-53a9-11ec-b7ac-d7868fc55c42
last-modified: Thu, 26 Aug 2021 20:19:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009c7f28599b-MXP
expires: Thu, 23 Dec 2021 03:03:47 GMT

GET
H2 200 PTMono-Regular.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/mono/ 71 KB
71 KB 66ms
66ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/mono/PTMono-Regular.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfaed587b938cc953c5008f257ed1e661e9d2e2f907bd5b520fc4b9348985a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:47 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 512962
x-cache: HIT
x-cache-hits: 116
x-ah-environment: prod
content-length: 72380
x-request-id: v-d55f067a-53a9-11ec-bbc6-c72584b4fbb3
last-modified: Wed, 29 Sep 2021 04:47:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009c7f2b599b-MXP
expires: Thu, 23 Dec 2021 03:03:47 GMT

GET
H2 200 Barlow-Bold.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 56 KB
56 KB 49ms
49ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Bold.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ec192b1be13b5eb7d11e7c8a0f1466ef236e4ba88182bb4cec76a2c7919464e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:48 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 543908
x-cache: HIT
x-cache-hits: 30
x-ah-environment: prod
content-length: 57572
x-request-id: v-d5e36da2-53a9-11ec-9860-3f17c6936d5b
last-modified: Thu, 26 Aug 2021 20:19:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009d2fd4599b-MXP
expires: Thu, 23 Dec 2021 03:03:48 GMT

GET
H2 200 Barlow-Medium.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 55 KB
55 KB 53ms
53ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-Medium.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe3bfdac05de97234a1a81c7f09c87f14708cf7bd9a341a63e68613c3c6e40d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:48 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 543907
x-cache: HIT
x-cache-hits: 31
x-ah-environment: prod
content-length: 55968
x-request-id: v-d5e3fe66-53a9-11ec-9bb4-8774003a601b
last-modified: Thu, 26 Aug 2021 20:19:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009d2fd5599b-MXP
expires: Thu, 23 Dec 2021 03:03:48 GMT

GET
H2 200 getForm Show response
www2.fireeye.com/index.php/form/ 22 KB
5 KB 102ms
102ms Script
application/javascript 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www2.fireeye.com/index.php/form/getForm?munchkinId=848-DID-242&form=9210&url=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version&callback=jQuery112407582262578210228_1639019028108&_=1639019028109
Requested by: Host: www2.fireeye.com
URL: https://www2.fireeye.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 626d692e7705f06f33515dd2aa3816ce3cc4bdc160f538751a47380e8566d9f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:48 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6bab009dd9403607-MAN
cached: true

GET
H/1.1 204
No Content / Show response
vff4596.d41.co/sync/ 0
816 B 1305ms
111ms Script
text/plain 3.224.194.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://vff4596.d41.co/sync/

Requested by

Host: cdn-0.d41.co
URL: https://cdn-0.d41.co/tags/ff-2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.194.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-194-123.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 03:03:49 GMT
Referrer-Policy: no-referrer-when-downgrade
Expect-CT: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Access-Control-Allow-Origin: https://www.mandiant.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK dnb_coretag_v4.min.js Show response
cdn-0.d41.co/tags/ 74 KB
75 KB 35ms
35ms Script
application/javascript 18.66.122.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-0.d41.co/tags/dnb_coretag_v4.min.js
Requested by: Host: cdn-0.d41.co
URL: https://cdn-0.d41.co/tags/ff-2.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-110.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52c766d175703482411d165b1339220aac1167e3315b792928eb51de6d6b3183

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 03:01:23 GMT
Via: 1.1 2a6277094357eb47f8dbeacb06ed96c3.cloudfront.net (CloudFront)
Last-Modified: Thu, 18 Nov 2021 14:57:32 GMT
Server: AmazonS3
Age: 146
ETag: "c5b0d60b7c887bcae6d8897835a15d14"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P2
Accept-Ranges: bytes
Content-Length: 76079
X-Amz-Cf-Id: f_bd6VhxBQNwKlH1DkJzWw0QwUZS5bMHreJezeWJutqYC2jnv8YWYw==

GET
H2 200 Barlow-MediumItalic.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 59 KB
59 KB 71ms
71ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-MediumItalic.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34e89fde702aa592d82afbb8d98034150cb3a2e6bd67a922af1edd106cf87fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:48 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 512962
x-cache: HIT
x-cache-hits: 114
x-ah-environment: prod
content-length: 60612
x-request-id: v-d5e4da98-53a9-11ec-86b5-03fa5ba1addd
last-modified: Thu, 26 Aug 2021 20:19:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009e1880599b-MXP
expires: Thu, 23 Dec 2021 03:03:48 GMT

GET
H2 200 Plus%20Iconicon-onlight-understandrecentactor.png
www.mandiant.com/sites/default/files/inline-images/ 1 KB
1 KB 89ms
88ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/inline-images/Plus%20Iconicon-onlight-understandrecentactor.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8d3f401175e39c476c08dd68216c445af259f6a4cf8ac93ba2e57801cd124a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:48 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 542210
x-cache: HIT
x-cache-hits: 30
x-ah-environment: prod
content-length: 1099
x-request-id: v-65305e96-53a7-11ec-8c84-87260db6d08b
last-modified: Mon, 27 Sep 2021 18:17:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009e38ac599b-MXP
expires: Thu, 23 Dec 2021 03:03:48 GMT

GET
H2 200 Plus%20Iconicon-onlight-proactivelyhuntthreatactors.png
www.mandiant.com/sites/default/files/inline-images/ 2 KB
2 KB 88ms
88ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/inline-images/Plus%20Iconicon-onlight-proactivelyhuntthreatactors.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fae616af15fbd4cbf9bcaf860d1a1412b112cc2e3939c8d7e15a2bdb6299f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:48 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 511389
x-cache: HIT
x-cache-hits: 48
x-ah-environment: prod
content-length: 1709
x-request-id: v-6530720a-53a7-11ec-ab21-cfde378699c1
last-modified: Mon, 27 Sep 2021 18:23:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009e38b1599b-MXP
expires: Thu, 23 Dec 2021 03:03:48 GMT

GET
H2 200 Plus%20Iconicon-onlight-accelerateyourthreat.png
www.mandiant.com/sites/default/files/inline-images/ 1 KB
2 KB 88ms
87ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/inline-images/Plus%20Iconicon-onlight-accelerateyourthreat.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71b5da7d2b1187bcf2851c55bee08715f7b5896352b3fa404673a1317540a44a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:48 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 542210
x-cache: HIT
x-cache-hits: 30
x-ah-environment: prod
content-length: 1513
x-request-id: v-652ffd20-53a7-11ec-ac30-3b604f5f3431
last-modified: Mon, 27 Sep 2021 18:28:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009e38b4599b-MXP
expires: Thu, 23 Dec 2021 03:03:48 GMT

GET
H2 200 Plus%20Iconicon-onlight-accessthreatintelligence.png
www.mandiant.com/sites/default/files/inline-images/ 2 KB
2 KB 87ms
86ms Image
image/png 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mandiant.com/sites/default/files/inline-images/Plus%20Iconicon-onlight-accessthreatintelligence.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfb5086403ba1c7a9d2f2decb862c8696e41f40da890dd199cb9115b27f86ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:48 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 542210
x-cache: HIT
x-cache-hits: 30
x-ah-environment: prod
content-length: 2030
x-request-id: v-65303894-53a7-11ec-a385-fbfa4fe7bcfc
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009e38b7599b-MXP
expires: Thu, 23 Dec 2021 03:03:48 GMT

GET
H2 200 v4.js Show response
play.vidyard.com/embed/ 71 KB
23 KB 55ms
54ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/embed/v4.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a29e92b61e28d33c457c5f690d3df6f5f7de9d40e2475eccd2e20ea9b35447d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:48 GMT
content-encoding: gzip
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
age: 15893
x-cache: HIT
x-cache-hits: 2
content-length: 23117
x-served-by: cache-hhn4046-HHN
x-china: 0
last-modified: Thu, 07 Oct 2021 20:52:13 GMT
etag: "bdf2778beb70cd0653688fd53c09f6e5"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 Barlow-SemiBold.woff2
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/ 56 KB
57 KB 181ms
181ms Font
text/plain 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/fonts/barlow/Barlow-SemiBold.woff2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bb508d41bf1d0c5d56340c7df789b6589350a5f967e1fa937bee5c148d0cb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mandiant.com/sites/default/files/css/css_Zb5-ONLdNDEPMZJDN6WWCnkUrOMrGPwmfzlzY2DIDig.css
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:48 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 512962
x-cache: HIT
x-cache-hits: 117
x-ah-environment: prod
content-length: 57764
x-request-id: v-d5e1844c-53a9-11ec-b95d-3f047695c743
last-modified: Thu, 26 Aug 2021 20:19:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009e58c3599b-MXP
expires: Thu, 23 Dec 2021 03:03:48 GMT

GET
H2 200 974.bundle.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 7 KB
2 KB 182ms
181ms Script
application/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/974.bundle.js?36372e

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_DJqz5xCfQu-Yr7rUOOxgJ47K_FcWItixkKNccz28wPY.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07ed649e749e9698e805596809e2ede372229183ddb6b38fc96f696cff02f085

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 543907
x-cache: HIT
x-cache-hits: 21
x-ah-environment: prod
content-length: 2308
x-request-id: v-d529b902-53a9-11ec-96d3-6bbc8c67b6a5
last-modified: Sat, 25 Sep 2021 04:35:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009e98ef599b-MXP
expires: Thu, 23 Dec 2021 03:03:48 GMT

GET
H2 200 404.bundle.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 406 B
400 B 181ms
181ms Script
application/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/404.bundle.js?2c5f80

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_DJqz5xCfQu-Yr7rUOOxgJ47K_FcWItixkKNccz28wPY.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2cb383a30bee467e40ecebb49e4229b1b57efcc2c7632c921cd170a75c74d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 543907
x-cache: HIT
x-cache-hits: 21
x-ah-environment: prod
content-length: 263
x-request-id: v-d529fc8c-53a9-11ec-bd1a-0329b4f52dc8
last-modified: Wed, 08 Sep 2021 22:42:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009e98f0599b-MXP
expires: Thu, 23 Dec 2021 03:03:48 GMT

GET
H2 200 27.bundle.js Show response
www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/ 503 B
599 B 181ms
180ms Script
application/javascript 2606:4700:300b::a29f:f17d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mandiant.com/themes/custom/mandiant_theme/gnorm/build/scripts/27.bundle.js?998f5e

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js_DJqz5xCfQu-Yr7rUOOxgJ47K_FcWItixkKNccz28wPY.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:300b::a29f:f17d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7582f1ce2b50afe0c64f6da84ed7104462c073ef5d4d8054b1cc7cecf6da0f49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 543907
x-cache: HIT
x-cache-hits: 18
x-ah-environment: prod
content-length: 332
x-request-id: v-d52a2716-53a9-11ec-82bc-0bad1bc0ba94
last-modified: Wed, 08 Sep 2021 22:42:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: varnish
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 6bab009e98f1599b-MXP
expires: Thu, 23 Dec 2021 03:03:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 329 KB
88 KB 204ms
63ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/google_tag/google_tag_manager/google_tag.script.js?r3thgu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a1e04f2b0c9f70e046a62dd97253839da5c9bccbdc83cadf42e6bd76fa2dc43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:48 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89714
x-xss-protection: 0
expires: Thu, 09 Dec 2021 03:03:48 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ 347 KB
136 KB 152ms
30ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mandiant.com/
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 08 Dec 2022 21:57:02 GMT

GET
H2 200 sm.23.html Show response
static.addtoany.com/menu/ Frame 90BD 741 B
577 B 47ms
46ms Document
text/html 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.23.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

date: Thu, 09 Dec 2021 03:03:48 GMT
content-type: text/html; charset=utf-8
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
last-modified: Wed, 22 Sep 2021 23:42:51 GMT
etag: W/"2e5-5cc9e128a4c38"
cache-control: max-age=315360000, immutable
vary: Accept-Encoding
via: e2s
cf-cache-status: HIT
age: 1817678
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6bab009f6e65d6f5-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 148ms
40ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/v2/notice/eb5srz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e6ca8458e665dbb0c6ef4974ee969c1a854bbc5c0f2a66edeebf68b806f3a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 01:50:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 09 Dec 2021 03:03:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Dec 2021 03:03:48 GMT

GET
H2 200 ic-error.svg
consent.trustarc.com/v2/asset/ 5 KB
1 KB 56ms
55ms Image
image/svg+xml 18.66.122.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/v2/asset/ic-error.svg
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGZWGoX-fX39l5S30FuOkq8pDND4eRzvxMktlocrfO3qauH5IdSDgZR3QCL7jvJvHw41kRuclufxgYx-8x5h7EYCSnQsRW7ym_y4CvIZoqhm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-78.fra60.r.cloudfront.net
Software: openresty/1.15.8.2 /
Resource Hash: 5ea56ed1ed92d89dd6e8a23316891c8af7cd2150977d2e8431bd0e97c0cf5282

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Dec 2021 02:18:47 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2019 06:14:12 GMT
server: openresty/1.15.8.2
age: 4107
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: Iai22WT3s3IucBaitFfJ-VQtYYV-wOxHK9idFatTV3lLMshyNHP2gg==
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)

GET
H2 200 ic-close-white.svg
consent.trustarc.com/v2/asset/ 7 KB
2 KB 56ms
55ms Image
image/svg+xml 18.66.122.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/v2/asset/ic-close-white.svg
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGZWGoX-fX39l5S30FuOkq8pDND4eRzvxMktlocrfO3qauH5IdSDgZR3QCL7jvJvHw41kRuclufxgYx-8x5h7EYCSnQsRW7ym_y4CvIZoqhm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-78.fra60.r.cloudfront.net
Software: openresty/1.15.8.2 /
Resource Hash: da0d9dec187414eaac184877e362bfd09ac956b2ab490b6adbb525af80fb3d6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Dec 2021 02:18:47 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2019 06:14:09 GMT
server: openresty/1.15.8.2
age: 4280
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: WDj3qU73pME4zYafo5haliDndacY0ePbb7VaFSqDlk_FaNSlW8mHtA==
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)

GET
H2 200 ic-close.svg
consent.trustarc.com/v2/asset/ 6 KB
1 KB 56ms
56ms Image
image/svg+xml 18.66.122.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/v2/asset/ic-close.svg
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGZWGoX-fX39l5S30FuOkq8pDND4eRzvxMktlocrfO3qauH5IdSDgZR3QCL7jvJvHw41kRuclufxgYx-8x5h7EYCSnQsRW7ym_y4CvIZoqhm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-78.fra60.r.cloudfront.net
Software: openresty/1.15.8.2 /
Resource Hash: 78060c93ee6a407478d39e1e16807b576ea320f5641a34d5f043c7de399a418e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Dec 2021 02:17:50 GMT
content-encoding: gzip
last-modified: Wed, 20 Mar 2019 06:14:11 GMT
server: openresty/1.15.8.2
age: 3958
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: sIsqotOmi2SqRjyP1J5JcWAyhtnNEVkm_2Mm7KdduXLYqFmTjokABg==
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)

GET
H2 200 trustarc-logo-xs.svg
consent.trustarc.com/v2/asset/ 3 KB
2 KB 57ms
56ms Image
image/svg+xml 18.66.122.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/v2/asset/trustarc-logo-xs.svg
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGZWGoX-fX39l5S30FuOkq8pDND4eRzvxMktlocrfO3qauH5IdSDgZR3QCL7jvJvHw41kRuclufxgYx-8x5h7EYCSnQsRW7ym_y4CvIZoqhm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-78.fra60.r.cloudfront.net
Software: openresty/1.15.8.2 /
Resource Hash: fad03d5343f00671f67d8e92a6c1e243f4b45e4f7a09d11c6d170665ae52d03e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Dec 2021 02:24:35 GMT
content-encoding: gzip
last-modified: Wed, 10 Feb 2021 02:29:33 GMT
server: openresty/1.15.8.2
age: 2412
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: g8Eb7ydIoKk5uTqziGOHgQ8Exjp0-xpvhFMhWSAtQ0Y6TrdAp3Wrzw==
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)

GET
H2 200 forms2.css
www2.fireeye.com/js/forms2/css/ 13 KB
3 KB 73ms
72ms Stylesheet
text/css 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.fireeye.com/js/forms2/css/forms2.css

Requested by

Host: www2.fireeye.com
URL: https://www2.fireeye.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6775
content-length: 2623
last-modified: Tue, 12 Oct 2021 18:01:53 GMT
server: cloudflare
etag: "4814a7-3437-5ce2ba3f1c640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6bab009f1a263607-MAN
expires: Thu, 09 Dec 2021 07:03:48 GMT

GET
H2 200 forms2-theme-simple.css
www2.fireeye.com/js/forms2/css/ 826 B
327 B 74ms
74ms Stylesheet
text/css 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.fireeye.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: www2.fireeye.com
URL: https://www2.fireeye.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6775
content-length: 242
last-modified: Tue, 12 Oct 2021 18:01:53 GMT
server: cloudflare
etag: "4a083a-33a-5ce2ba3f1c640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6bab009f1a273607-MAN
expires: Thu, 09 Dec 2021 07:03:48 GMT

GET
H2 200 ZSM2yap3Uzhft78LqAuyMc
play.vidyard.com/ 0
2 KB 97ms
29ms Other
text/html 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.mandiant.com/
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:48 GMT
content-encoding: gzip
age: 97696
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 1462
x-served-by: cache-hhn4046-HHN
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1639019028.455592,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"dd6-wHgvCe7wc52vl54RFeKnPf0Zckc"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/html; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 YaoW27YBWgnoJKYpQL7Ufx
play.vidyard.com/ 0
1 KB 97ms
30ms Other
text/html 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.mandiant.com/
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:48 GMT
content-encoding: gzip
age: 128951
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 1462
x-served-by: cache-hhn4046-HHN
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1639019028.455739,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"dd6-wHgvCe7wc52vl54RFeKnPf0Zckc"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/html; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 13 KB
13 KB 169ms
64ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 14:56:27 GMT
x-content-type-options: nosniff
age: 43641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13080
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 08 Dec 2022 14:56:27 GMT

GET
H2 200 XDFrame Show response
www2.fireeye.com/index.php/form/ Frame CCF0 2 KB
863 B 243ms
243ms Document
text/html 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.fireeye.com/index.php/form/XDFrame

Requested by

Host: www2.fireeye.com
URL: https://www2.fireeye.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ecd284b8811543e88f4c470ba7b3fe3f4b7a458c512bb92ab41d2b491aee6ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

date: Thu, 09 Dec 2021 03:03:48 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=3600
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6bab00a03ac03607-MAN
content-encoding: gzip

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
60 KB 145ms
77ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f3432889f446ebcb8b1071f3c462634a2bbe078e3eb2b3392578886bc06e09c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:48 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61862
x-xss-protection: 0
expires: Thu, 09 Dec 2021 03:03:48 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/XYDVFr8wlkTfdZhRFaaBO5Y8ZK1viC5D/ 89 KB
25 KB 196ms
67ms Script
text/javascript 18.66.110.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/XYDVFr8wlkTfdZhRFaaBO5Y8ZK1viC5D/analytics.min.js
Requested by: Host: pages.fireeye.com
URL: https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAGBNGZWGnpNKZsEUPnfl04JMamWAMslrWCEg4XQ2FnF_R7G0jah1kPyr9wAn46K7dlFgf0md8w=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-110-125.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e7d5375c5c42c888e2166d20b83b4e50a5324c03572ff52d27e6e8da11988822

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: _rgfM5NAwYGxFXAysxV4lsL7V7DMFyhD
content-encoding: gzip
etag: W/"41eaf99027b7b29e63db884bc61a53e8"
age: 61
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 19 Nov 2021 03:01:59 GMT
server: AmazonS3
date: Thu, 09 Dec 2021 03:03:12 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: 49O0CyzUi8KIg3K0n6KOqkOFrOp5PioK-D4tYPejIZHKnTHQQA0jaw==

GET
H2 200 forms2.min.js Show response
www2.fireeye.com/js/forms2/js/ Frame CCF0 205 KB
68 KB 87ms
86ms Script
application/x-javascript 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.fireeye.com/js/forms2/js/forms2.min.js

Requested by

Host: www2.fireeye.com
URL: https://www2.fireeye.com/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689a0237a95cfd8135f8da3ac79c430e903f3c542f8b862f68141c84c348c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www2.fireeye.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 12 Oct 2021 18:01:53 GMT
server: cloudflare
age: 2304
etag: "4a08e3-33210-5ce2ba3f1c640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 6bab00a1dbf83607-MAN
expires: Thu, 09 Dec 2021 07:03:48 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/XYDVFr8wlkTfdZhRFaaBO5Y8ZK1viC5D/ 583 B
1 KB 186ms
63ms XHR
application/json 18.66.110.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/XYDVFr8wlkTfdZhRFaaBO5Y8ZK1viC5D/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/XYDVFr8wlkTfdZhRFaaBO5Y8ZK1viC5D/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-110-125.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97e7573ee44deaa2a2da4d901e4a40181959517f2cfd036c78e8d8555dea111c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 2VbtNDctMtboUaP_T2JY1.YlHkEJ6FXx
via: 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
etag: "4c464a1f61abed8929723794647e8e04"
age: 6464
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 583
last-modified: Tue, 20 Jul 2021 21:51:47 GMT
server: AmazonS3
date: Thu, 09 Dec 2021 01:21:31 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-amz-cf-id: tj5dnB5OtH9tyZVLlPGPsdw-XnsrTwZgxX9jD0VpfgK1ehMFptVufA==

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
143 B 533ms
173ms Fetch
application/json 52.41.92.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/p
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/XYDVFr8wlkTfdZhRFaaBO5Y8ZK1viC5D/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.92.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-92-51.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.mandiant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mandiant.com
date: Thu, 09 Dec 2021 03:03:49 GMT
content-length: 21
vary: Origin
content-type: application/json

GET anchor
www.google.com/recaptcha/api2/ Frame 4EB3 0
0

GET anchor
www.google.com/recaptcha/api2/ Frame 0F06 0
0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 5D78 40 KB
21 KB 50ms
34ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=normal&cb=4z5p5oq0vdz2

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js__zWLHjtkO5Qy3Slw8a_dqeWxAexSrVlUa1-AQ6AuCmE.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3410559aaca7ec70854622bd19b9b6ccb7466067b3ef0d636cb9ced658e753f5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8hBIJ1FXRF3I0E7a3Q6I2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Dec 2021 03:03:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-8hBIJ1FXRF3I0E7a3Q6I2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21239
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 1C44 41 KB
21 KB 62ms
48ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=compact&cb=lexrgv9a9qvz

Requested by

Host: www.mandiant.com
URL: https://www.mandiant.com/sites/default/files/js/js__zWLHjtkO5Qy3Slw8a_dqeWxAexSrVlUa1-AQ6AuCmE.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

629414c0c1a99f7abb19a6315f64e8641539db089cf7789f3fcbca0c3b93a867

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w5lgnBvfiGtODDLJNLTMzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Dec 2021 03:03:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-w5lgnBvfiGtODDLJNLTMzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21362
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 5D78 51 KB
24 KB 44ms
20ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=normal&cb=4z5p5oq0vdz2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 15:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 08 Dec 2022 15:26:55 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 5D78 347 KB
135 KB 54ms
31ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 08 Dec 2022 21:57:02 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 1C44 51 KB
24 KB 38ms
15ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 15:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 08 Dec 2022 15:26:55 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 1C44 347 KB
135 KB 54ms
32ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 08 Dec 2022 21:57:02 GMT

GET
DATA 200
OK truncated
/ Frame 5D78 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5D78 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5D78 2 KB
2 KB 11ms
10ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 02:54:22 GMT
x-content-type-options: nosniff
age: 567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 16 Dec 2021 02:54:22 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5D78 15 KB
15 KB 30ms
12ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 17:06:41 GMT
x-content-type-options: nosniff
age: 122228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 17:06:41 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 5D78 102 B
134 B 19ms
18ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=normal&cb=4z5p5oq0vdz2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 09 Dec 2021 03:03:49 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 1C44 102 B
134 B 19ms
19ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=compact&cb=lexrgv9a9qvz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 09 Dec 2021 03:03:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 37ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5331
date: Thu, 09 Dec 2021 01:34:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 09 Dec 2021 03:34:58 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
172 B 43ms
15ms Ping
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-X6642ZTDJ7&gtm=2oec10&_p=918006674&sr=1600x1200&gcs=G100&ul=en-us&cid=127547395.1639019029&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGZWGoX-fX39l5S30FuOkq8pDND4eRzvxMktlocrfO3qauH5IdSDgZR3QCL7jvJvHw41kRuclufxgYx-8x5h7EYCSnQsRW7ym_y4CvIZoqhm&dr=https%3A%2F%2Fpages.fireeye.com%2F&dt=Cyber%20Threat%20Intelligence%20%7C%20Mandiant%20Threat%20Intelligence%20Free&sid=1639019028&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X6642ZTDJ7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.mandiant.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 03:03:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mandiant.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame C2EF 7 KB
1 KB 20ms
19ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a62337ef19dbdf3486731e541af011a5ec7e99a015d732560bfe664bf1eb0b3f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GFShwMLTOiOeVjvxQg5V5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Dec 2021 03:03:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-GFShwMLTOiOeVjvxQg5V5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1113
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 7028 7 KB
1 KB 35ms
35ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dddf60fbbc2586fa01a5bda5fe3c7c48d3bd731df3c5b5aac960fc0796ee84e5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8QzpE/XdakDgYYbHKZZ7AQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Dec 2021 03:03:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-8QzpE/XdakDgYYbHKZZ7AQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1113
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK api Show response
vff4596.d41.co/ 95 B
945 B 113ms
113ms Fetch
application/json 3.224.194.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://vff4596.d41.co/api?req=vff4596&form=json

Requested by

Host: cdn-0.d41.co
URL: https://cdn-0.d41.co/tags/dnb_coretag_v4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.194.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-194-123.compute-1.amazonaws.com

Software

Resource Hash

0ef0c3f8861f73d111a86754f3ce3a757574ec98ef6454d4efa24bef5614c523

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGZWGoX-fX39l5S30FuOkq8pDND4eRzvxMktlocrfO3qauH5IdSDgZR3QCL7jvJvHw41kRuclufxgYx-8x5h7EYCSnQsRW7ym_y4CvIZoqhm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 03:03:49 GMT
Referrer-Policy: no-referrer-when-downgrade
Expect-CT: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: application/json
Access-Control-Allow-Origin: https://www.mandiant.com
Cache-control: no-store
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 95
X-XSS-Protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame C2EF 51 KB
24 KB 10ms
10ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 15:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 08 Dec 2022 15:26:55 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame C2EF 347 KB
135 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 08 Dec 2022 21:57:02 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 26ms
9ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=918006674&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGZWGoX-fX39l5S30FuOkq8pDND4eRzvxMktlocrfO3qauH5IdSDgZR3QCL7jvJvHw41kRuclufxgYx-8x5h7EYCSnQsRW7ym_y4CvIZoqhm&dr=https%3A%2F%2Fpages.fireeye.com%2F&ul=en-us&de=UTF-8&dt=Cyber%20Threat%20Intelligence%20%7C%20Mandiant%20Threat%20Intelligence%20Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCgAgAAB~&cid=127547395.1639019029&tid=UA-203244293-1&_gid=1030505910.1639019030&gtm=2wgc10T72STLD&cg1=null&cg2=advantage&cd2=Pageview&cd3=1639019028574.my6ujb7e8&cd4=2021-12-09T03%3A03%3A48.574%2B00%3A00&cd5=https%3A%2F%2Fpages.fireeye.com%2F&cd15=null&cd16=null&gcs=G100&cd1=127547395.1639019029&z=131919004

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 20:28:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23748
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 26ms
10ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=918006674&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.mandiant.com%2Fadvantage%2Fthreat-intelligence%2Ffree-version%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAGBNGZWGoX-fX39l5S30FuOkq8pDND4eRzvxMktlocrfO3qauH5IdSDgZR3QCL7jvJvHw41kRuclufxgYx-8x5h7EYCSnQsRW7ym_y4CvIZoqhm&dr=https%3A%2F%2Fpages.fireeye.com%2F&ul=en-us&de=UTF-8&dt=Cyber%20Threat%20Intelligence%20%7C%20Mandiant%20Threat%20Intelligence%20Free&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=trustarc&ea=banner_served&_u=YCgAgAAB~&cid=127547395.1639019029&tid=UA-203244293-1&_gid=204739478.1639019030&gtm=2wgc10T72STLD&cg1=null&cg2=advantage&cd3=1639019028594.wwy5bk3p&cd4=2021-12-09T03%3A03%3A48.594%2B00%3A00&cd5=https%3A%2F%2Fpages.fireeye.com%2F&cd6=9210&cd15=null&cd16=null&gcs=G100&cd1=127547395.1639019029&z=1948238770

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 20:28:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23748
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 7028 51 KB
24 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 15:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 08 Dec 2022 15:26:55 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 7028 347 KB
135 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Thu, 08 Dec 2022 21:57:02 GMT

GET
H2 200 init Show response
ff.d41.co/v1/ 44 B
486 B 460ms
119ms XHR
application/json 52.45.111.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ff.d41.co/v1/init?v=9071c4ff2fde4084befbe781ec94ee00

Requested by

Host: cdn-0.d41.co
URL: https://cdn-0.d41.co/tags/ff-2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.111.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-111-176.compute-1.amazonaws.com

Software

Resource Hash

29b33b29c75bd329a6476c57fe3c6d17ce1e78e9b7c6af517ad325d70e5bd694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 03:03:49 GMT
x-content-type-options: nosniff
expect-ct: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
expires: 0

GET
H2 200 nr-1212.min.js Show response
js-agent.newrelic.com/ 34 KB
13 KB 36ms
16ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1212.min.js
Requested by: Host: www.mandiant.com
URL: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGZWGoX-fX39l5S30FuOkq8pDND4eRzvxMktlocrfO3qauH5IdSDgZR3QCL7jvJvHw41kRuclufxgYx-8x5h7EYCSnQsRW7ym_y4CvIZoqhm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: S6r4yaeB6jo_ZylmZ_5cM21n7ZH1t6gc
content-encoding: gzip
etag: "9dfe540eb31e6fc0e0dddd91e3511f68"
x-amz-request-id: 0TM5PC7FSF00SYG0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12828
x-amz-id-2: z1U4CFjweYlb7Zya5oHzZMGY3E8DebmJqf9nnIggGk20PzHVfM8IK0N8VEjPd6CQsXF8vEVtHl8=
x-served-by: cache-hhn4029-HHN
last-modified: Thu, 04 Nov 2021 21:16:16 GMT
server: AmazonS3
x-timer: S1639019030.610203,VS0,VE0
date: Thu, 09 Dec 2021 03:03:49 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2117

GET
H2 200 ZSM2yap3Uzhft78LqAuyMc Show response
play.vidyard.com/ Frame 378B 3 KB
2 KB 7ms
7ms Document
text/html 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c26f369723641f427bab98b5bc443dc53d673e944d66262d4e7ec1412f479b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGZWGoX-fX39l5S30FuOkq8pDND4eRzvxMktlocrfO3qauH5IdSDgZR3QCL7jvJvHw41kRuclufxgYx-8x5h7EYCSnQsRW7ym_y4CvIZoqhm

Response headers

content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-frame-options: ALLOWALL
cache-control: no-store, no-cache, must-revalidate
etag: W/"dd6-wHgvCe7wc52vl54RFeKnPf0Zckc"
x-china: 0
content-encoding: gzip
accept-ranges: bytes
date: Thu, 09 Dec 2021 03:03:49 GMT
via: 1.1 varnish
age: 97697
x-served-by: cache-hhn4046-HHN
x-cache: HIT
x-cache-hits: 2
x-timer: S1639019030.595688,VS0,VE0
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 1462

GET
H2 200 style.js Show response
play.vidyard.com/v4/ZSM2yap3Uzhft78LqAuyMc/ 176 B
244 B 251ms
251ms Script
text/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/ZSM2yap3Uzhft78LqAuyMc/style.js?callback=window.VidyardV4.jsonp.style_ZSM2yap3Uzhft78LqAuyMc.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5bb38afdb0c9c4ca64d4a65799e3fffa4e61b7ef89db4446c0d253144e8d97b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-length: 136
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1639019030.593906,VS0,VE242
x-frame-options: ALLOWALL
etag: W/"b0-Gim8N4l53SYDTcB6WDl+PFCqSmo"
strict-transport-security: max-age=31557600
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 integrations.js Show response
play.vidyard.com/v4/ZSM2yap3Uzhft78LqAuyMc/ 177 B
431 B 8ms
8ms Script
text/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/ZSM2yap3Uzhft78LqAuyMc/integrations.js?callback=window.VidyardV4.jsonp.integrations_ZSM2yap3Uzhft78LqAuyMc.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

45b9e3163d849e17b040b9e163f18d1767078d18bd2a9948a2810ca549bf1a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102314
x-cache: HIT
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-length: 133
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1639019030.596879,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"b1-ZwtcYibSSbR9QUWoytWyBbzpQd4"
strict-transport-security: max-age=31557600
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 details.js Show response
play.vidyard.com/v4/ZSM2yap3Uzhft78LqAuyMc/ 721 B
526 B 14ms
14ms Script
text/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/ZSM2yap3Uzhft78LqAuyMc/details.js?callback=window.VidyardV4.jsonp.details_ZSM2yap3Uzhft78LqAuyMc.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

be0807b2d562082eaee06985a3d8f1ffa3298e8777e134367cdbe5d75de7742f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102314
x-cache: HIT
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-length: 429
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1639019030.601519,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"2d1-nSg7xAVYZP+nu12wUdO58R/XHuw"
strict-transport-security: max-age=31557600
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 YaoW27YBWgnoJKYpQL7Ufx Show response
play.vidyard.com/ Frame BCE7 3 KB
1 KB 16ms
15ms Document
text/html 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c26f369723641f427bab98b5bc443dc53d673e944d66262d4e7ec1412f479b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGZWGoX-fX39l5S30FuOkq8pDND4eRzvxMktlocrfO3qauH5IdSDgZR3QCL7jvJvHw41kRuclufxgYx-8x5h7EYCSnQsRW7ym_y4CvIZoqhm

Response headers

content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-frame-options: ALLOWALL
cache-control: no-store, no-cache, must-revalidate
etag: W/"dd6-wHgvCe7wc52vl54RFeKnPf0Zckc"
x-china: 0
content-encoding: gzip
accept-ranges: bytes
date: Thu, 09 Dec 2021 03:03:49 GMT
via: 1.1 varnish
age: 128952
x-served-by: cache-hhn4046-HHN
x-cache: HIT
x-cache-hits: 2
x-timer: S1639019030.610114,VS0,VE0
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 1462

GET
H2 200 style.js Show response
play.vidyard.com/v4/YaoW27YBWgnoJKYpQL7Ufx/ 176 B
278 B 16ms
15ms Script
text/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/YaoW27YBWgnoJKYpQL7Ufx/style.js?callback=window.VidyardV4.jsonp.style_YaoW27YBWgnoJKYpQL7Ufx.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b49156d5e01eb825b83327e4439ca9fc58e441441a1f63e1189c28bfe517ce3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102314
x-cache: HIT
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-length: 136
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1639019030.610198,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"b0-qMcukjasAKmv05hmINbSOmAcK28"
strict-transport-security: max-age=31557600
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 integrations.js Show response
play.vidyard.com/v4/YaoW27YBWgnoJKYpQL7Ufx/ 177 B
229 B 17ms
16ms Script
text/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/YaoW27YBWgnoJKYpQL7Ufx/integrations.js?callback=window.VidyardV4.jsonp.integrations_YaoW27YBWgnoJKYpQL7Ufx.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

125011b4ce1ec07e7cda316c0c68396f03f4929979bcb12442e8b4be311dcda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102314
x-cache: HIT
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-length: 133
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1639019030.610266,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"b1-JynrKXufvPE52ArHUNOLrh9jx9o"
strict-transport-security: max-age=31557600
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 details.js Show response
play.vidyard.com/v4/YaoW27YBWgnoJKYpQL7Ufx/ 697 B
510 B 16ms
15ms Script
text/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v4/YaoW27YBWgnoJKYpQL7Ufx/details.js?callback=window.VidyardV4.jsonp.details_YaoW27YBWgnoJKYpQL7Ufx.done

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5290d74adbcea5559af25b922914cc5ef5f37b721dd91f2bde1a6d61469c892b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102314
x-cache: HIT
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-length: 414
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
x-timer: S1639019030.610305,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"2b9-v9MpaLo29pKIbuvI7KAyYrqWSlQ"
strict-transport-security: max-age=31557600
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 ZSM2yap3Uzhft78LqAuyMc
play.vidyard.com/ 0
2 KB 11ms
7ms Other
text/html 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline&rendered=true

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.mandiant.com/
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: gzip
age: 97697
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 1462
x-served-by: cache-hhn4046-HHN
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1639019030.616833,VS0,VE0
x-frame-options: ALLOWALL
etag: W/"dd6-wHgvCe7wc52vl54RFeKnPf0Zckc"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/html; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 YaoW27YBWgnoJKYpQL7Ufx
play.vidyard.com/ 0
1 KB 8ms
7ms Other
text/html 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline&rendered=true

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/embed/v4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.mandiant.com/
Origin: https://www.mandiant.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: gzip
age: 128952
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 1462
x-served-by: cache-hhn4046-HHN
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1639019030.616974,VS0,VE0
x-frame-options: ALLOWALL
etag: W/"dd6-wHgvCe7wc52vl54RFeKnPf0Zckc"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/html; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 api.js Show response
play.vidyard.com/v0/ 19 KB
7 KB 491ms
491ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v0/api.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6980eadbd6f6d6233ea9b987e9ae462b25726871e9797c51e0d550aef3cc861d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:50 GMT
via: 1.1 varnish
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
age: 0
x-cache: MISS
content-encoding: gzip
content-length: 7168
x-served-by: cache-hhn4046-HHN
x-china: 0
last-modified: Fri, 30 Apr 2021 19:42:10 GMT
x-timer: S1639019030.629406,VS0,VE482
etag: "7b874dd3eb596697c6d49ba7ed6880f8"
strict-transport-security: max-age=31557600
content-type: application/javascript
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 runtime~main-0a7ededc1384e276ee2dc3b19e123757.js Show response
assets.vidyard.com/play/js/ Frame 378B 7 KB
2 KB 13ms
12ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Requested by: Host: play.vidyard.com
URL: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0dde8a958cbd60287193a1529dbc88467001e648d9fb7943ecd5528515d5d169

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: br
vary: Accept-Encoding
age: 129398
x-cache: HIT
content-length: 2253
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
last-modified: Tue, 07 Dec 2021 15:05:57 GMT
x-timer: S1639019030.640337,VS0,VE0
etag: "c0836e73b29e652b7735eb1b440beef6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 18

GET
H2 200 main-a6875cc9a4bc0c905ad9e719ee986a48.js Show response
assets.vidyard.com/play/js/ Frame 378B 101 KB
13 KB 8ms
7ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js
Requested by: Host: play.vidyard.com
URL: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a170a845a7a20edcedacef2638fd6e8550c6fc052aad221568c2182a9f3b1d28

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: br
vary: Accept-Encoding
age: 164758
x-cache: HIT
content-length: 13448
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
last-modified: Thu, 02 Dec 2021 18:35:08 GMT
x-timer: S1639019030.640236,VS0,VE0
etag: "5330e201fbbf207c28cf6c9304098519"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 24

GET
H/1.1 200
OK NRJS-890ead692fb1e944fb6 Show response
bam.nr-data.net/1/ 57 B
322 B 486ms
109ms Script
text/javascript 162.247.242.32
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-890ead692fb1e944fb6?a=1404479750&v=1212.e95d35c&to=YlRVYERZV0ZSWhINX1seYkZfF1BbV1weSkBdQQ%3D%3D&rst=2726&ck=1&ref=https://www.mandiant.com/advantage/threat-intelligence/free-version&ap=159&be=816&fe=2669&dc=1331&perf=%7B%22timing%22:%7B%22of%22:1639019026915,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:19,%22ce%22:43,%22rq%22:43,%22rp%22:796,%22rpe%22:900,%22dl%22:798,%22di%22:1330,%22ds%22:1330,%22de%22:1344,%22dc%22:2669,%22l%22:2669,%22le%22:2692%7D,%22navigation%22:%7B%7D%7D&fp=969&fcp=969&at=ThNWFgxDREg%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1212.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.32 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: service.newrelic.co.nz
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 runtime~main-0a7ededc1384e276ee2dc3b19e123757.js Show response
assets.vidyard.com/play/js/ Frame BCE7 7 KB
2 KB 8ms
7ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Requested by: Host: play.vidyard.com
URL: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0dde8a958cbd60287193a1529dbc88467001e648d9fb7943ecd5528515d5d169

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: br
vary: Accept-Encoding
age: 129399
x-cache: HIT
content-length: 2253
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
last-modified: Tue, 07 Dec 2021 15:05:57 GMT
x-timer: S1639019030.908562,VS0,VE0
etag: "c0836e73b29e652b7735eb1b440beef6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 19

GET
H2 200 main-a6875cc9a4bc0c905ad9e719ee986a48.js Show response
assets.vidyard.com/play/js/ Frame BCE7 101 KB
13 KB 8ms
7ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js
Requested by: Host: play.vidyard.com
URL: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a170a845a7a20edcedacef2638fd6e8550c6fc052aad221568c2182a9f3b1d28

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: br
vary: Accept-Encoding
age: 164759
x-cache: HIT
content-length: 13448
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
last-modified: Thu, 02 Dec 2021 18:35:08 GMT
x-timer: S1639019030.908621,VS0,VE0
etag: "5330e201fbbf207c28cf6c9304098519"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 25

GET
H2 200 ZSM2yap3Uzhft78LqAuyMc.json Show response
play.vidyard.com/player/ Frame 378B 7 KB
3 KB 8ms
8ms Fetch
application/json 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/player/ZSM2yap3Uzhft78LqAuyMc.json?disable_popouts=1&v=4.2.36&type=inline

Requested by

Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

57a69171abf7bff9894663084d4d428e7b61eec77d288e3e75743b5cfbb7b0a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
referrer: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGZWGoX-fX39l5S30FuOkq8pDND4eRzvxMktlocrfO3qauH5IdSDgZR3QCL7jvJvHw41kRuclufxgYx-8x5h7EYCSnQsRW7ym_y4CvIZoqhm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: gzip
age: 102313
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 3024
x-served-by: cache-hhn4046-HHN
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1639019030.912953,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"1a58-rgYVz4GX+srF4WzDWVjot27jKH4"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: application/json; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2

200

441540270d5448e57af7b1.jpg
cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/
Redirect Chain

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc.jpg
https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg

31 KB
32 KB

12ms
12ms

Image
image/jpeg

18.66.112.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg
Protocol: H2
Server: 18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65867ea85abfa1983033b5a41d096b93216909fbb4e1b40ce385f5f59ef9757f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: cl5WY7vxSLptLbC0e5yN1hAcwUJIA3i3
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
etag: "09c372482f3c326fb5c1843a299311cb"
x-cdn: cloudfront
age: 16223
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31938
last-modified: Tue, 10 Aug 2021 22:02:40 GMT
server: AmazonS3
date: Wed, 08 Dec 2021 22:33:26 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-amz-cf-id: yNfxqVt_Bowb8OWvP62uJB2JQ2qu1jInWlEkhWGsi_Xbx566hSiXpA==

Redirect headers

date: Thu, 09 Dec 2021 03:03:49 GMT
via: 1.1 varnish
age: 170252
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 106
x-served-by: cache-hhn4046-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
location: https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg
x-timer: S1639019030.913650,VS0,VE0
x-frame-options: ALLOWALL
vary: Accept, X-ThumbnailAB, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 YaoW27YBWgnoJKYpQL7Ufx.json Show response
play.vidyard.com/player/ Frame BCE7 7 KB
3 KB 8ms
8ms Fetch
application/json 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/player/YaoW27YBWgnoJKYpQL7Ufx.json?disable_popouts=1&v=4.2.36&type=inline

Requested by

Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c471084be8bd1a45895a922d129b0c5cc4495e8e6e46df49e3eba608a3d50c57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
referrer: https://www.mandiant.com/advantage/threat-intelligence/free-version?mkt_tok=ODQ4LURJRC0yNDIAAAGBNGZWGoX-fX39l5S30FuOkq8pDND4eRzvxMktlocrfO3qauH5IdSDgZR3QCL7jvJvHw41kRuclufxgYx-8x5h7EYCSnQsRW7ym_y4CvIZoqhm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: gzip
age: 102313
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 3012
x-served-by: cache-hhn4046-HHN
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1639019030.924612,VS0,VE1
x-frame-options: ALLOWALL
etag: W/"1a25-MuZbF1twSTmpR5LU4btjitWab4g"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: application/json; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2

200

72c7c0397b3d11203ba8a8.jpg
cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/
Redirect Chain

https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx.jpg
https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg

37 KB
38 KB

18ms
17ms

Image
image/jpeg

18.66.112.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg
Protocol: H2
Server: 18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 201a094b137fdd3a1ba4188dc6b516deed19d1478e98eafb228fd247629a291b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 19:43:14 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
x-cdn: cloudfront
age: 199236
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 38093
last-modified: Thu, 12 Aug 2021 21:28:14 GMT
server: AmazonS3
etag: "fac35442dc3f54400feda4067e98bdc9"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: .4W53FlrEOMwGZ_0xSp_2Ygzm.6IzDtB
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: NgGw34apUzHN6eOvuUVTuw2z5q3K3V5KCxsu4-8xQfiJBvU-rV5huQ==

Redirect headers

date: Thu, 09 Dec 2021 03:03:49 GMT
via: 1.1 varnish
age: 179203
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 106
x-served-by: cache-hhn4046-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
location: https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg
x-timer: S1639019030.928934,VS0,VE0
x-frame-options: ALLOWALL
vary: Accept, X-ThumbnailAB, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 vendors~player~player-pomo~unreleased-ecccf76212f4ca42acb46cfb36e666cc.js Show response
assets.vidyard.com/play/js/ Frame 378B 158 KB
41 KB 12ms
11ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~player~player-pomo~unreleased-ecccf76212f4ca42acb46cfb36e666cc.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0df6dda0ca4d7be90c9b60be736dcacc1deacad453827e7a05ebfb57b1faa097

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: br
vary: Accept-Encoding
age: 1823883
x-cache: HIT
content-length: 41549
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
last-modified: Wed, 17 Nov 2021 23:35:41 GMT
x-timer: S1639019030.929531,VS0,VE0
etag: "c6d8662df68b4db66335c0ab647b942f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 24

GET
H2 200 vendors~access-code~player-pomo~whitelisted-embed-e43bf5b845c50ec018b9e43c25b6b99b.js Show response
assets.vidyard.com/play/js/ Frame 378B 102 KB
29 KB 19ms
18ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~access-code~player-pomo~whitelisted-embed-e43bf5b845c50ec018b9e43c25b6b99b.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b44ce95b6fac6715bf575a155f1c2934d882b69e698efcddfcaa628d49c96f44

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: br
vary: Accept-Encoding
age: 3640570
x-cache: HIT
content-length: 29228
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
last-modified: Tue, 26 Oct 2021 18:59:18 GMT
x-timer: S1639019030.929929,VS0,VE0
etag: "72c2c0d1544367ee82097199e5530397"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 26

GET
H2 200 vendors~player-pomo-93befc82d7723f5d5665de2d66c3df17.js Show response
assets.vidyard.com/play/js/ Frame 378B 613 KB
104 KB 30ms
30ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~player-pomo-93befc82d7723f5d5665de2d66c3df17.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f4a3f225d323ee7fe97da693ef576867cc05e926c1f7aeb2a616f1c642a2756c

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: br
vary: Accept-Encoding
age: 685080
x-cache: HIT
content-length: 106429
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
last-modified: Tue, 30 Nov 2021 16:52:41 GMT
x-timer: S1639019030.930078,VS0,VE0
etag: "ff3583515bfe8908a2a24ca2d31eb771"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 24

GET
H2 200 player-pomo-ee266757d7cf4509f752928005efa6b0.css
assets.vidyard.com/play/stylesheets/ Frame 378B 37 KB
7 KB 42ms
42ms Stylesheet
text/css 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/stylesheets/player-pomo-ee266757d7cf4509f752928005efa6b0.css
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7699009136d90e3cbfa0701b49d252b52cbd3189eef172fa2d3f690f3b15dc55

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: br
vary: Accept-Encoding
age: 129398
x-cache: HIT
content-length: 7214
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
last-modified: Tue, 07 Dec 2021 15:05:57 GMT
x-timer: S1639019030.930829,VS0,VE0
etag: "2f04b4119c443de15975abfa7a6b652f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 17

GET
H2 200 player-pomo-ee266757d7cf4509f752928005efa6b0.js Show response
assets.vidyard.com/play/js/ Frame 378B 240 KB
49 KB 44ms
44ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/player-pomo-ee266757d7cf4509f752928005efa6b0.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5c2d9d4dccb590961368eddaf1aa8418859e14b89185683f5e21c7fc236f2f88

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: br
vary: Accept-Encoding
age: 129398
x-cache: HIT
content-length: 50557
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
last-modified: Tue, 07 Dec 2021 15:05:57 GMT
x-timer: S1639019030.930910,VS0,VE0
etag: "f520e390a3c0f1c5190dc4198a01ed57"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 17

GET
H2 200 vendors~player~player-pomo~unreleased-ecccf76212f4ca42acb46cfb36e666cc.js Show response
assets.vidyard.com/play/js/ Frame BCE7 158 KB
41 KB 45ms
44ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~player~player-pomo~unreleased-ecccf76212f4ca42acb46cfb36e666cc.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0df6dda0ca4d7be90c9b60be736dcacc1deacad453827e7a05ebfb57b1faa097

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: br
vary: Accept-Encoding
age: 1823883
x-cache: HIT
content-length: 41549
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
last-modified: Wed, 17 Nov 2021 23:35:41 GMT
x-timer: S1639019030.934470,VS0,VE0
etag: "c6d8662df68b4db66335c0ab647b942f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 25

GET
H2 200 vendors~access-code~player-pomo~whitelisted-embed-e43bf5b845c50ec018b9e43c25b6b99b.js Show response
assets.vidyard.com/play/js/ Frame BCE7 102 KB
29 KB 47ms
46ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~access-code~player-pomo~whitelisted-embed-e43bf5b845c50ec018b9e43c25b6b99b.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b44ce95b6fac6715bf575a155f1c2934d882b69e698efcddfcaa628d49c96f44

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: br
vary: Accept-Encoding
age: 3640570
x-cache: HIT
content-length: 29228
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
last-modified: Tue, 26 Oct 2021 18:59:18 GMT
x-timer: S1639019030.934783,VS0,VE0
etag: "72c2c0d1544367ee82097199e5530397"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 27

GET
H2 200 vendors~player-pomo-93befc82d7723f5d5665de2d66c3df17.js Show response
assets.vidyard.com/play/js/ Frame BCE7 613 KB
104 KB 47ms
46ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~player-pomo-93befc82d7723f5d5665de2d66c3df17.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f4a3f225d323ee7fe97da693ef576867cc05e926c1f7aeb2a616f1c642a2756c

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: br
vary: Accept-Encoding
age: 685080
x-cache: HIT
content-length: 106429
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
last-modified: Tue, 30 Nov 2021 16:52:41 GMT
x-timer: S1639019030.934887,VS0,VE0
etag: "ff3583515bfe8908a2a24ca2d31eb771"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 25

GET
H2 200 player-pomo-ee266757d7cf4509f752928005efa6b0.css
assets.vidyard.com/play/stylesheets/ Frame BCE7 37 KB
7 KB 47ms
46ms Stylesheet
text/css 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/stylesheets/player-pomo-ee266757d7cf4509f752928005efa6b0.css
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7699009136d90e3cbfa0701b49d252b52cbd3189eef172fa2d3f690f3b15dc55

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: br
vary: Accept-Encoding
age: 129398
x-cache: HIT
content-length: 7214
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
last-modified: Tue, 07 Dec 2021 15:05:57 GMT
x-timer: S1639019030.935073,VS0,VE0
etag: "2f04b4119c443de15975abfa7a6b652f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 18

GET
H2 200 player-pomo-ee266757d7cf4509f752928005efa6b0.js Show response
assets.vidyard.com/play/js/ Frame BCE7 240 KB
49 KB 47ms
46ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/player-pomo-ee266757d7cf4509f752928005efa6b0.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5c2d9d4dccb590961368eddaf1aa8418859e14b89185683f5e21c7fc236f2f88

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:49 GMT
content-encoding: br
vary: Accept-Encoding
age: 129398
x-cache: HIT
content-length: 50557
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
last-modified: Tue, 07 Dec 2021 15:05:57 GMT
x-timer: S1639019030.935317,VS0,VE0
etag: "f520e390a3c0f1c5190dc4198a01ed57"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 18

GET
H2 200 6-241e779290e5feb64c859f7818761e3b.js Show response
assets.vidyard.com/play/js/ Frame 378B 282 KB
67 KB 10ms
9ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/6-241e779290e5feb64c859f7818761e3b.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a5216d98891ff17eec610106008274e1a0ce9dd6c0487e911b00cd9eea61a723

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:50 GMT
content-encoding: br
vary: Accept-Encoding
age: 1741039
x-cache: HIT
content-length: 68491
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
last-modified: Thu, 18 Nov 2021 19:43:34 GMT
x-timer: S1639019030.043682,VS0,VE0
etag: "b669dbd384a448684ba8e102ad197084"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 21

GET
H2 200 35-21e95937aa5ae9450002d53b05474e64.css
assets.vidyard.com/play/stylesheets/ Frame 378B 181 B
197 B 15ms
14ms Stylesheet
text/css 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/stylesheets/35-21e95937aa5ae9450002d53b05474e64.css
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b6320e221b61f50fdfee02e86288aca6b426795dd014c5add80fcef7632ac6f8

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:50 GMT
content-encoding: br
vary: Accept-Encoding
age: 129398
x-cache: HIT
content-length: 103
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
last-modified: Tue, 07 Dec 2021 15:05:57 GMT
x-timer: S1639019030.043758,VS0,VE0
etag: "5b8ad2d3286aa47c692cbb0bae4d9cc4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 17

GET
H2 200 35-21e95937aa5ae9450002d53b05474e64.js Show response
assets.vidyard.com/play/js/ Frame 378B 13 KB
4 KB 14ms
14ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/35-21e95937aa5ae9450002d53b05474e64.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2a4effdf48ccd47198cfd468497a9c991bbccabefec2748258bb20d15001f46a

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:50 GMT
content-encoding: br
vary: Accept-Encoding
age: 129398
x-cache: HIT
content-length: 3941
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
last-modified: Tue, 07 Dec 2021 15:05:57 GMT
x-timer: S1639019030.043801,VS0,VE0
etag: "478133b3072855da33da145d7873b930"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 15

GET
H2

200

441540270d5448e57af7b1.jpg
cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/ Frame 378B
Redirect Chain

https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc.jpg
https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg

31 KB
32 KB

11ms
11ms

Image
image/jpeg

18.66.112.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg
Protocol: H2
Server: 18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65867ea85abfa1983033b5a41d096b93216909fbb4e1b40ce385f5f59ef9757f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: cl5WY7vxSLptLbC0e5yN1hAcwUJIA3i3
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
etag: "09c372482f3c326fb5c1843a299311cb"
x-cdn: cloudfront
age: 16224
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31938
last-modified: Tue, 10 Aug 2021 22:02:40 GMT
server: AmazonS3
date: Wed, 08 Dec 2021 22:33:26 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-amz-cf-id: h22Vho2NgAxod0cL4cUbILIdWDy__MdQRNT3EtCjDFLBl3HnjKDQRQ==

Redirect headers

date: Thu, 09 Dec 2021 03:03:50 GMT
via: 1.1 varnish
age: 170252
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 106
x-served-by: cache-hhn4046-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
location: https://cdn.vidyard.com/thumbnails/8Mq5tIGVA_VUZcSHjlwgZQ/441540270d5448e57af7b1.jpg
x-timer: S1639019030.061086,VS0,VE0
x-frame-options: ALLOWALL
vary: Accept, X-ThumbnailAB, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 3

POST
H2 200 visitors Show response
raw.vidyard.com/v2/ Frame 378B 50 B
195 B 106ms
105ms XHR
application/json 3.89.170.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/visitors
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.170.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-170-15.compute-1.amazonaws.com
Software: /
Resource Hash: 04e56861d7e485f461afd22519b695985713a9fd433c6a7544b2702c90c186c1

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://play.vidyard.com
date: Thu, 09 Dec 2021 03:03:50 GMT
x-vidyard-hostname: ef785595781e
content-length: 50
content-type: application/json; charset=utf-8

OPTIONS
H2 200 visitors
raw.vidyard.com/v2/ Frame 0
0 322ms
106ms Preflight
text/html 3.89.170.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/visitors
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.170.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-170-15.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://play.vidyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 09 Dec 2021 03:03:50 GMT
content-type: text/html;charset=utf-8
content-length: 0
access-control-max-age: 86400
access-control-allow-origin: https://play.vidyard.com
access-control-allow-methods: POST, PUT
access-control-allow-headers: Content-Type, Accept, Origin
access-control-allow-credentials: true

GET
H2 200 6-241e779290e5feb64c859f7818761e3b.js Show response
assets.vidyard.com/play/js/ Frame BCE7 282 KB
67 KB 12ms
11ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/6-241e779290e5feb64c859f7818761e3b.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a5216d98891ff17eec610106008274e1a0ce9dd6c0487e911b00cd9eea61a723

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:50 GMT
content-encoding: br
vary: Accept-Encoding
age: 1741039
x-cache: HIT
content-length: 68491
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
last-modified: Thu, 18 Nov 2021 19:43:34 GMT
x-timer: S1639019030.097654,VS0,VE0
etag: "b669dbd384a448684ba8e102ad197084"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 22

GET
H2 200 35-21e95937aa5ae9450002d53b05474e64.css
assets.vidyard.com/play/stylesheets/ Frame BCE7 181 B
232 B 15ms
15ms Stylesheet
text/css 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/stylesheets/35-21e95937aa5ae9450002d53b05474e64.css
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b6320e221b61f50fdfee02e86288aca6b426795dd014c5add80fcef7632ac6f8

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:50 GMT
content-encoding: br
vary: Accept-Encoding
age: 129398
x-cache: HIT
content-length: 103
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
last-modified: Tue, 07 Dec 2021 15:05:57 GMT
x-timer: S1639019030.097795,VS0,VE0
etag: "5b8ad2d3286aa47c692cbb0bae4d9cc4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 18

GET
H2 200 35-21e95937aa5ae9450002d53b05474e64.js Show response
assets.vidyard.com/play/js/ Frame BCE7 13 KB
4 KB 15ms
14ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/35-21e95937aa5ae9450002d53b05474e64.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-0a7ededc1384e276ee2dc3b19e123757.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2a4effdf48ccd47198cfd468497a9c991bbccabefec2748258bb20d15001f46a

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:50 GMT
content-encoding: br
vary: Accept-Encoding
age: 129398
x-cache: HIT
content-length: 3941
via: 1.1 varnish
x-served-by: cache-hhn4046-HHN
last-modified: Tue, 07 Dec 2021 15:05:57 GMT
x-timer: S1639019030.097855,VS0,VE0
etag: "478133b3072855da33da145d7873b930"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 16

GET
H2

200

72c7c0397b3d11203ba8a8.jpg
cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/ Frame BCE7
Redirect Chain

https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx.jpg
https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg

37 KB
38 KB

10ms
10ms

Image
image/jpeg

18.66.112.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg
Protocol: H2
Server: 18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 201a094b137fdd3a1ba4188dc6b516deed19d1478e98eafb228fd247629a291b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 19:43:14 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19b.cloudfront.net (CloudFront)
x-cdn: cloudfront
age: 199237
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 38093
last-modified: Thu, 12 Aug 2021 21:28:14 GMT
server: AmazonS3
etag: "fac35442dc3f54400feda4067e98bdc9"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: .4W53FlrEOMwGZ_0xSp_2Ygzm.6IzDtB
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: l5P8Uus8AInaZEhGzvWMPpvZun-o9YNdKKvn8fISiOMhgBUX7Kerng==

Redirect headers

date: Thu, 09 Dec 2021 03:03:50 GMT
via: 1.1 varnish
age: 179203
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 106
x-served-by: cache-hhn4046-HHN
x-china: 0
referrer-policy: no-referrer-when-downgrade
location: https://cdn.vidyard.com/thumbnails/YvObiWtYb5w6krHWNJwZJw/72c7c0397b3d11203ba8a8.jpg
x-timer: S1639019030.100127,VS0,VE0
x-frame-options: ALLOWALL
vary: Accept, X-ThumbnailAB, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 progress-events.js Show response
play.vidyard.com/v1/ 14 KB
5 KB 512ms
512ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v1/progress-events.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T72STLD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d41161f7d77d059a8d35b55c36d765021a1300521eeffd57097df8df3322a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mandiant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 03:03:50 GMT
via: 1.1 varnish
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
age: 0
x-cache: MISS
content-encoding: gzip
content-length: 5481
x-served-by: cache-hhn4046-HHN
x-china: 0
last-modified: Fri, 30 Apr 2021 19:42:10 GMT
x-timer: S1639019030.297538,VS0,VE505
etag: "5823d0929a8e2e520236508c08ba757c"
strict-transport-security: max-age=31557600
content-type: application/javascript
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 stream_master_7svCeAxuZBSRt2wTPXovaA.m3u8 Show response
cdn.vidyard.com/hls-videos/8Mq5tIGVA_VUZcSHjlwgZQ/ Frame 378B 666 B
1 KB 23ms
9ms XHR
application/vnd.apple.mpegurl 18.66.112.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidyard.com/hls-videos/8Mq5tIGVA_VUZcSHjlwgZQ/stream_master_7svCeAxuZBSRt2wTPXovaA.m3u8?k-QcaI6xPl1kfAa7rYFG4ffaI9EQWtfqoGuuC0p_iMNIoSKZ_ITYpV5J_SAyBz_Fr353mHCNRpBmZK0eyUBt1eyot-DIM6YLLgJcnAzf72jTouyDNOswp5PvdxyVef6b44bdo1eGIAjMSOi6PGhBskPMU-NgeTuO5rt__S35GAgAWtV6ANRVgDrgwykCrsO9XnoS
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/6-241e779290e5feb64c859f7818761e3b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b75262dcc42f4ecb54a9fde84af21d6dbf93a6d46a8f2cc4e7f83b5324db9ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:04:14 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
vary: Origin
x-cdn: cloudfront
age: 244777
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 666
last-modified: Tue, 10 Aug 2021 22:02:56 GMT
server: AmazonS3
etag: "4831024ba7699cf1aa197ac051b4a1d1"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: 5E6U0XgDryp8K72VQiIGFOqeY20ClVft
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/vnd.apple.mpegurl
x-amz-cf-id: 9cnKd_JlTGK5nnF7RxJOXHBmyBRvPAEw8o9OuD918Mh2ITGVEcraYw==

GET
H2 200 stream_master_RtcVrDjfAXmpWl9y5iXGcA.m3u8 Show response
cdn.vidyard.com/hls-videos/YvObiWtYb5w6krHWNJwZJw/ Frame BCE7 665 B
1 KB 19ms
10ms XHR
application/vnd.apple.mpegurl 18.66.112.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidyard.com/hls-videos/YvObiWtYb5w6krHWNJwZJw/stream_master_RtcVrDjfAXmpWl9y5iXGcA.m3u8?EXg7HTnI34K-3YO6Nb_8LA0Tlm2zt3wNtdo3NcGw5H0T6EzV2Hi40WP5C_zDgPBOTfuxwv1v5qMVKO-9uzXst_NFq2ZKm4CLuojzs_mYq1TETNxHd-UESlcGZ2wsCFrplI_UrtS0yLTofeOXC0o-L4tNFIk5ligqDMdOoQz-ZXj4sCUfN76Ntc6MGseSsjGm_JRv
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/6-241e779290e5feb64c859f7818761e3b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8be8762a9f70ca77a0c26968f26891b218e171087a2a97fc71ee9cd634fde31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 19:43:20 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
vary: Origin
x-cdn: cloudfront
age: 199231
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 665
last-modified: Thu, 12 Aug 2021 21:28:15 GMT
server: AmazonS3
etag: "691090f9e03a180cde06d54d529b7ad0"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: GdkoY1l1lf1.ItLb65wgTdGwBl0V0nBL
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/vnd.apple.mpegurl
x-amz-cf-id: mvWn1R1Isrx-jMIo-LqqqLxwQqMNGfG--ow57_yq8VzdpfOc28QZHA==

POST
H2 200 player_loads Show response
raw.vidyard.com/v2/ Frame 378B 68 B
213 B 109ms
109ms XHR
application/json 3.89.170.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/player_loads
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.170.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-170-15.compute-1.amazonaws.com
Software: /
Resource Hash: 6129419f14315b61d71f47269e849a12d37d5bbf9caa1888f39e5f8df944cf78

Request headers

Referer: https://play.vidyard.com/ZSM2yap3Uzhft78LqAuyMc?disable_popouts=1&v=4.2.36&type=inline
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://play.vidyard.com
date: Thu, 09 Dec 2021 03:03:50 GMT
x-vidyard-hostname: c8b5103c4bbe
content-length: 68
content-type: application/json; charset=utf-8

OPTIONS
H2 200 player_loads
raw.vidyard.com/v2/ Frame 0
0 103ms
103ms Preflight
text/html 3.89.170.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/player_loads
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.170.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-170-15.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://play.vidyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 09 Dec 2021 03:03:50 GMT
content-type: text/html;charset=utf-8
content-length: 0
access-control-max-age: 86400
access-control-allow-origin: https://play.vidyard.com
access-control-allow-methods: POST, PUT
access-control-allow-headers: Content-Type, Accept, Origin
access-control-allow-credentials: true

POST
H2 200 player_loads Show response
raw.vidyard.com/v2/ Frame BCE7 68 B
213 B 107ms
107ms XHR
application/json 3.89.170.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/player_loads
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.170.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-170-15.compute-1.amazonaws.com
Software: /
Resource Hash: 441e8d78090d82ce74559d6779336b980f8783a6341d415ac15aa6828049d797

Request headers

Referer: https://play.vidyard.com/YaoW27YBWgnoJKYpQL7Ufx?disable_popouts=1&v=4.2.36&type=inline
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://play.vidyard.com
date: Thu, 09 Dec 2021 03:03:50 GMT
x-vidyard-hostname: e0e5cfb646d9
content-length: 68
content-type: application/json; charset=utf-8

OPTIONS
H2 200 player_loads
raw.vidyard.com/v2/ Frame 0
0 104ms
104ms Preflight
text/html 3.89.170.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/player_loads
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.170.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-170-15.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://play.vidyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 09 Dec 2021 03:03:50 GMT
content-type: text/html;charset=utf-8
content-length: 0
access-control-max-age: 86400
access-control-allow-origin: https://play.vidyard.com
access-control-allow-methods: POST, PUT
access-control-allow-headers: Content-Type, Accept, Origin
access-control-allow-credentials: true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=normal&cb=4z5p5oq0vdz2

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhgBgUAAAAAILakhHCM8iL5pygGB4jLnJbJFfq&co=aHR0cHM6Ly93d3cubWFuZGlhbnQuY29tOjQ0Mw..&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=compact&cb=lexrgv9a9qvz

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pages.fireeye.com/	1969-12-31 23:59:59	Name: BIGipServersj_mailtracking_http Value: !bN9gtHVI/anUcFePurFYsUVmfdh2KNnDeG9bj0ZhKvbFokCdiZw1a8aNJJRJ0JAzTb7Wk0tnxjxAwFQ=
.pages.fireeye.com/	1970-01-19 23:17:00	Name: __cf_bm Value: rC5L0J80exIBxsV_BswUE7wNc0UzSDnM8rw_GL_.k2I-1639019026-0-AbVbPE8kFkBBVj6yBw52SoIH7DbqwYXnTpCq/IIiyKwce3zXZy/M+sxgPNM0rra8MwaGplX6puZg4iPuTQmtC4Q=
.www2.fireeye.com/	1970-01-19 23:17:00	Name: __cf_bm Value: lfE.MAlNotv9hqUt2afaa.9wNoKwGrdVfcS2IlUtJ1w-1639019027-0-AVcsPcaVU2QU6eAJbotlNCRjeRAcoFfbnXPsY3/4gsCdHlYp20HLCpwAGYDLUj5vOoOLTpQ02Mxbi+8nZwDlxf0=
.mandiant.com/	1970-01-20 08:02:35	Name: ajs_anonymous_id Value: d3ea45ed-f2f9-4a06-81bb-e406a3923cc5
.d41.co/	1970-01-20 08:02:35	Name: D41ID Value: v3\|v4\|aa59b9a083884220b87b27efe51cf3c2\|https://d41.co
.d41.co/	1970-01-19 23:16:59	Name: D41IDT Value: 9071c4ff2fde4084befbe781ec94ee00
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 3849cc7e037707a6

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
other	warning	URL: https://play.vidyard.com/embed/v4.js Message: Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
assets.vidyard.com
bam.nr-data.net
cdn-0.d41.co
cdn.segment.com
cdn.vidyard.com
cdnjs.cloudflare.com
consent.trustarc.com
ff.d41.co
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
pages.fireeye.com
play.vidyard.com
raw.vidyard.com
static.addtoany.com
vff4596.d41.co
www.fireeye.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.mandiant.com
www2.fireeye.com
www.google.com
104.17.72.206
104.17.73.206
151.101.129.181
151.101.2.137
162.247.242.32
18.66.110.125
18.66.112.119
18.66.122.110
18.66.122.78
2606:4700:10::6816:47c5
2606:4700:300b::a29f:f17d
2606:4700:300b::a29f:f67d
2606:4700::6810:125e
2a00:1450:4001:801::2008
2a00:1450:4001:802::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:827::200a
2a00:1450:4001:828::2004
2a00:1450:4001:829::2003
3.224.194.123
3.89.170.15
52.41.92.51
52.45.111.176
04e56861d7e485f461afd22519b695985713a9fd433c6a7544b2702c90c186c1
070791c98e0c1770cac70123ac86fca6e7281b7aec1cc82d413afa3635d5e560
07ed649e749e9698e805596809e2ede372229183ddb6b38fc96f696cff02f085
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee
0c9ab3e7109f42ef98afbad438ec60278ecafc571622d8b190a35c733dbcc0f6
0dde8a958cbd60287193a1529dbc88467001e648d9fb7943ecd5528515d5d169
0df6dda0ca4d7be90c9b60be736dcacc1deacad453827e7a05ebfb57b1faa097
0eab324aea216ff6432155a5cdbd59b7c1429f7d27be852f9dd037c7ade0377c
0ef0c3f8861f73d111a86754f3ce3a757574ec98ef6454d4efa24bef5614c523
125011b4ce1ec07e7cda316c0c68396f03f4929979bcb12442e8b4be311dcda4
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
185fd25b606e486fb8bec09f4a0f2e58bce5d9b140d4c6c19637758373d0cb05
1b9600459bb5ec64940c2d27208bf4f9fffdde86a99b1cb3c0d12b1ff7fb8ba1
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bb508d41bf1d0c5d56340c7df789b6589350a5f967e1fa937bee5c148d0cb0d
1d751c00e5a17639661109f01c3dbcfd2b4d1590f22996a452cd9ba84f93dc77
1fae616af15fbd4cbf9bcaf860d1a1412b112cc2e3939c8d7e15a2bdb6299f6a
201a094b137fdd3a1ba4188dc6b516deed19d1478e98eafb228fd247629a291b
23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
2689a0237a95cfd8135f8da3ac79c430e903f3c542f8b862f68141c84c348c43
26e6996216334ee71ef0bdc967a8f41b264eb3687fe5f12022de519368120c59
29b33b29c75bd329a6476c57fe3c6d17ce1e78e9b7c6af517ad325d70e5bd694
2a4effdf48ccd47198cfd468497a9c991bbccabefec2748258bb20d15001f46a
3410559aaca7ec70854622bd19b9b6ccb7466067b3ef0d636cb9ced658e753f5
34e89fde702aa592d82afbb8d98034150cb3a2e6bd67a922af1edd106cf87fe8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
441e8d78090d82ce74559d6779336b980f8783a6341d415ac15aa6828049d797
45b9e3163d849e17b040b9e163f18d1767078d18bd2a9948a2810ca549bf1a6f
4aa634ff603b82270844bf4f7af48701d5d8b53685245b7b8aadeeaa7c737e79
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
4ecd284b8811543e88f4c470ba7b3fe3f4b7a458c512bb92ab41d2b491aee6ca
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
5290d74adbcea5559af25b922914cc5ef5f37b721dd91f2bde1a6d61469c892b
52c766d175703482411d165b1339220aac1167e3315b792928eb51de6d6b3183
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
57a69171abf7bff9894663084d4d428e7b61eec77d288e3e75743b5cfbb7b0a0
5bb38afdb0c9c4ca64d4a65799e3fffa4e61b7ef89db4446c0d253144e8d97b9
5c2d9d4dccb590961368eddaf1aa8418859e14b89185683f5e21c7fc236f2f88
5ea56ed1ed92d89dd6e8a23316891c8af7cd2150977d2e8431bd0e97c0cf5282
6129419f14315b61d71f47269e849a12d37d5bbf9caa1888f39e5f8df944cf78
626d692e7705f06f33515dd2aa3816ce3cc4bdc160f538751a47380e8566d9f4
629414c0c1a99f7abb19a6315f64e8641539db089cf7789f3fcbca0c3b93a867
65867ea85abfa1983033b5a41d096b93216909fbb4e1b40ce385f5f59ef9757f
65be7e38d2dd34310f31924337a5960a7914ace32b18fc267f39736360c80e28
6980eadbd6f6d6233ea9b987e9ae462b25726871e9797c51e0d550aef3cc861d
6b75262dcc42f4ecb54a9fde84af21d6dbf93a6d46a8f2cc4e7f83b5324db9ca
6d41161f7d77d059a8d35b55c36d765021a1300521eeffd57097df8df3322a90
6e6ca8458e665dbb0c6ef4974ee969c1a854bbc5c0f2a66edeebf68b806f3a0e
71b5da7d2b1187bcf2851c55bee08715f7b5896352b3fa404673a1317540a44a
7582f1ce2b50afe0c64f6da84ed7104462c073ef5d4d8054b1cc7cecf6da0f49
7699009136d90e3cbfa0701b49d252b52cbd3189eef172fa2d3f690f3b15dc55
78060c93ee6a407478d39e1e16807b576ea320f5641a34d5f043c7de399a418e
7a1e04f2b0c9f70e046a62dd97253839da5c9bccbdc83cadf42e6bd76fa2dc43
7b7eb2b28fbf8ad29058540ee28e8b49701e0e47351ff25d3b688fcef9b2a88a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88cb9efe9226cab0669f7f6cdf082ec49a48a58f6411b69864b6f952928b979a
9537e3f5594de1f0ff9699c91ce421f2deb6db5929e7b7c5735deebbb6f3b214
97e7573ee44deaa2a2da4d901e4a40181959517f2cfd036c78e8d8555dea111c
9e111614ac18cf0c829a3dbfc6aff736c03536ec281330daf38e4bb3fb6ddfca
9ec192b1be13b5eb7d11e7c8a0f1466ef236e4ba88182bb4cec76a2c7919464e
9ee33831b0f69f4fd2300024df8f2488a4a7a4093cfcc5e28062e128308478f9
a170a845a7a20edcedacef2638fd6e8550c6fc052aad221568c2182a9f3b1d28
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a29e92b61e28d33c457c5f690d3df6f5f7de9d40e2475eccd2e20ea9b35447d1
a5216d98891ff17eec610106008274e1a0ce9dd6c0487e911b00cd9eea61a723
a62337ef19dbdf3486731e541af011a5ec7e99a015d732560bfe664bf1eb0b3f
a8be8762a9f70ca77a0c26968f26891b218e171087a2a97fc71ee9cd634fde31
ae4e360b00b933d5c83d792b3cad8423b88cacb13d72bf9c965b730a704d4b00
af893638a2d983d9d79b699ab8ae2f7f507a67c4bca1911b9a377a7c6f44a2e9
b2cb383a30bee467e40ecebb49e4229b1b57efcc2c7632c921cd170a75c74d24
b44ce95b6fac6715bf575a155f1c2934d882b69e698efcddfcaa628d49c96f44
b49156d5e01eb825b83327e4439ca9fc58e441441a1f63e1189c28bfe517ce3a
b6320e221b61f50fdfee02e86288aca6b426795dd014c5add80fcef7632ac6f8
bd2577dc5b37fb9b07321dea2a9c726a35783efe9a54be72fce3b5072cff326f
be0807b2d562082eaee06985a3d8f1ffa3298e8777e134367cdbe5d75de7742f
bfb5086403ba1c7a9d2f2decb862c8696e41f40da890dd199cb9115b27f86ede
c26f369723641f427bab98b5bc443dc53d673e944d66262d4e7ec1412f479b6f
c471084be8bd1a45895a922d129b0c5cc4495e8e6e46df49e3eba608a3d50c57
d8d3f401175e39c476c08dd68216c445af259f6a4cf8ac93ba2e57801cd124a3
da0d9dec187414eaac184877e362bfd09ac956b2ab490b6adbb525af80fb3d6a
dddf60fbbc2586fa01a5bda5fe3c7c48d3bd731df3c5b5aac960fc0796ee84e5
dfaed587b938cc953c5008f257ed1e661e9d2e2f907bd5b520fc4b9348985a88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d5375c5c42c888e2166d20b83b4e50a5324c03572ff52d27e6e8da11988822
e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
f269cafacd48c650b7c76973b7192a4593125d9b957bfa3b57a89e835ec0df1f
f3432889f446ebcb8b1071f3c462634a2bbe078e3eb2b3392578886bc06e09c3
f4a3f225d323ee7fe97da693ef576867cc05e926c1f7aeb2a616f1c642a2756c
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fad03d5343f00671f67d8e92a6c1e243f4b45e4f7a09d11c6d170665ae52d03e
fe3bfdac05de97234a1a81c7f09c87f14708cf7bd9a341a63e68613c3c6e40d6
ff358b1e3b643b9432dd2970f1afdda9e5b101ec52ad59546b5f8043a02e0a61

www.mandiant.com Open in urlscan Pro 2606:4700:300b::a29f:f17d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

132 Requests

94 %HTTPS

43 %IPv6

16 Domains

24 Subdomains

24 IPs

3 Countries

3090 kBTransfer

8438 kBSize

7 Cookies

10 Outgoing links

Page URL History

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mandiant.com Open in urlscan Pro
2606:4700:300b::a29f:f17d Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

94 %
HTTPS

43 %
IPv6

16
Domains

24
Subdomains

24
IPs

3
Countries

3090 kB
Transfer

8438 kB
Size

7
Cookies

132 HTTP transactions
2 data transactions