hzcu.login-us.mimecast.com Open in urlscan Pro
207.211.31.108 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://protect-us.mimecast.com/s/zgMnCyPO6XHrP0NiZ13HU
Effective URL:
https://hzcu.login-us.mimecast.com/u/login/?gta=secure&tkn=3.pwM9Vw-N1M5sGQn6KmlRd927ycEN3Qe6ql7ChF7aEA_nbc0qkTQLtKeHqr0t_N-9X6C02H...
Submission Tags: falconsandbox
Submission: On April 01 via api (April 1st 2022, 9:44:06 am UTC) from US — Scanned from US

Summary HTTP 29 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 7 IPs in 1 countries across 5 domains to perform 29 HTTP transactions. The main IP is 207.211.31.108, located in Butler, United States and belongs to NAVISITE-EAST-2, US. The main domain is hzcu.login-us.mimecast.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 20th 2021. Valid for: a year.

This is the only time hzcu.login-us.mimecast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	205.139.111.117 205.139.111.117	30031 (MIMECAST-) (MIMECAST-)
10	207.211.31.108 207.211.31.108	14135 (NAVISITE-...) (NAVISITE-EAST-2)
1	2607:f8b0:400... 2607:f8b0:4006:80a::200a	15169 (GOOGLE) (GOOGLE)
1	35.190.8.230 35.190.8.230	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21d... 2600:9000:21da:b000:1f:aa31:7740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:821::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:808::2013	() ()
29	7

1 205.139.111.117 (United States) 1 redirects

ASN30031 (MIMECAST-, US)
PTR: us-api.mimecast.com

protect-us.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 207.211.31.108 (Butler, United States)

ASN14135 (NAVISITE-EAST-2, US)
PTR: service155-us.mimecast.com

hzcu.login-us.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.8.230 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 230.8.190.35.bc.googleusercontent.com

static.srcspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21da:b000:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:808::2013 (None, )

ASN- ()

app.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	mimecast.com 1 redirects protect-us.mimecast.com — Cisco Umbrella Rank: 9602 hzcu.login-us.mimecast.com	531 KB
3	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 1199 app.pendo.io	165 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	srcspot.com static.srcspot.com — Cisco Umbrella Rank: 26147	38 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45 pendo-static-5707797427912704.storage.googleapis.com Failed	1 KB
29	5

	Domain	Requested by
10	hzcu.login-us.mimecast.com	hzcu.login-us.mimecast.com
2	app.pendo.io	cdn.pendo.io
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.pendo.io	hzcu.login-us.mimecast.com
1	static.srcspot.com	hzcu.login-us.mimecast.com
1	fonts.googleapis.com	hzcu.login-us.mimecast.com
1	protect-us.mimecast.com	1 redirects
0	pendo-static-5707797427912704.storage.googleapis.com Failed	cdn.pendo.io
29	8

This site contains links to these domains. Also see Links.

Domain
www.mimecast.com
community.mimecast.com

Subject Issuer	Validity	Valid
*.login-us.mimecast.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-20` - `2022-05-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
static.srcspot.com GTS CA 1D4	`2022-02-11` - `2022-05-12`	3 months	crt.sh
cdn.pendo.io Amazon	`2021-08-29` - `2022-09-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
app.pendo.io GTS CA 1D4	`2022-03-31` - `2022-06-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hzcu.login-us.mimecast.com/u/login/?gta=secure&tkn=3.pwM9Vw-N1M5sGQn6KmlRd927ycEN3Qe6ql7ChF7aEA_nbc0qkTQLtKeHqr0t_N-9X6C02HfT0pvoU4mjwoVwd2dblYT-GhFhaDInx4lMgCC4wmO50b9VEXf9yb4W5dKH.vF7_5MlBI3Zo8fBL750veQ
Frame ID: A5600D39A2E22C105FA03A32926E494D
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Horizon Credit Union Secure Messaging

Page URL History Show full URLs

https://protect-us.mimecast.com/s/zgMnCyPO6XHrP0NiZ13HU HTTP 307
https://hzcu.login-us.mimecast.com/u/login/?gta=secure&tkn=3.pwM9Vw-N1M5sGQn6KmlRd927ycEN3Qe6ql7ChF7aEA_nbc0qkT... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

29
Requests

55 %
HTTPS

57 %
IPv6

5
Domains

8
Subdomains

7
IPs

1
Countries

778 kB
Transfer

2934 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.mimecast.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://community.mimecast.com/docs/DOC-1183
Title: Login Issues?

Search URL Search Domain Scan URL

URL: https://community.mimecast.com/community/knowledge-base/secure-messaging
Title: Knowledge Base

Search URL Search Domain Scan URL

URL: http://www.mimecast.com/Customers/Support/Contact-support/
Title: Contact Support

Search URL Search Domain Scan URL

URL: https://www.mimecast.com/company/mimecast-trust-center/gdpr-center/privacy-statement/
Title: Privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://protect-us.mimecast.com/s/zgMnCyPO6XHrP0NiZ13HU HTTP 307
https://hzcu.login-us.mimecast.com/u/login/?gta=secure&tkn=3.pwM9Vw-N1M5sGQn6KmlRd927ycEN3Qe6ql7ChF7aEA_nbc0qkTQLtKeHqr0t_N-9X6C02HfT0pvoU4mjwoVwd2dblYT-GhFhaDInx4lMgCC4wmO50b9VEXf9yb4W5dKH.vF7_5MlBI3Zo8fBL750veQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
hzcu.login-us.mimecast.com/u/login/
Redirect Chain

https://protect-us.mimecast.com/s/zgMnCyPO6XHrP0NiZ13HU
https://hzcu.login-us.mimecast.com/u/login/?gta=secure&tkn=3.pwM9Vw-N1M5sGQn6KmlRd927ycEN3Qe6ql7ChF7aEA_nbc0qkTQLtKeHqr0t_N-9X6C02HfT0pvoU4mjwoVwd2dblYT-GhFhaDInx4lMgCC4wmO50b9VEXf9yb4W5dKH.vF7_5Ml...

566 KB
76 KB

3292ms
3210ms

Document
text/html

207.211.31.108
NAVISITE-EAST-2

General

Check archive.org

Show headers Download Go to

Full URL

https://hzcu.login-us.mimecast.com/u/login/?gta=secure&tkn=3.pwM9Vw-N1M5sGQn6KmlRd927ycEN3Qe6ql7ChF7aEA_nbc0qkTQLtKeHqr0t_N-9X6C02HfT0pvoU4mjwoVwd2dblYT-GhFhaDInx4lMgCC4wmO50b9VEXf9yb4W5dKH.vF7_5MlBI3Zo8fBL750veQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.211.31.108 Butler, United States, ASN14135 (NAVISITE-EAST-2, US),

Reverse DNS

service155-us.mimecast.com

Software

Resource Hash

36d2b91a269b2bcba837c686feaf2f2e808875e40f2ab7e9bb106df96324d601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Fri, 01 Apr 2022 09:44:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding, User-Agent
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-control: no-store
Connection: keep-alive
Content-Length: 0
Date: Fri, 01 Apr 2022 09:43:58 GMT
Location: https://hzcu.login-us.mimecast.com/u/login/?gta=secure&tkn=3.pwM9Vw-N1M5sGQn6KmlRd927ycEN3Qe6ql7ChF7aEA_nbc0qkTQLtKeHqr0t_N-9X6C02HfT0pvoU4mjwoVwd2dblYT-GhFhaDInx4lMgCC4wmO50b9VEXf9yb4W5dKH.vF7_5MlBI3Zo8fBL750veQ#/login?message=eNpNj11LwzAUQP9LXl00H22aDhFnXzbdBOlEHELI0tta1zajSYso_ndTZeLrvZdzzv1EDszQQ12gOUqTLc2rcnmAp-fydrdwZq9lmos3yHreruOV7B7ORrERO7d9v1vJ-ia12Yd2a6jzl4vtMkMz1IJzuoLG2sNw9PYAHZp3Q9PMkG_9vS0geAiR4VIbX4-_4uwxX8h0wQRRsRCcpJyRSA3OQ99SosK9uuSJZFEqC5wYKXEkCoI1KRmOwlQYLvVemquA7Rz4AsqJy2M-QyP0rrahgv4kbOzQTcoTfArpzeuppFIGQzATquJEjUWcYMrVvz5GGKU0rBn9C8QhEAuaciGYENNv0Oq6CThT6qq67lpf-waq3g7Hc2Nb9PUNe0Nylg
Pragma: no-cache

GET
H/1.1 200
OK entypo.css
hzcu.login-us.mimecast.com/u/assets/entypo/font/ 17 KB
4 KB 31ms
30ms Stylesheet
text/css 207.211.31.108
NAVISITE-EAST-2

General

Check archive.org

Show headers Download Go to

Full URL

https://hzcu.login-us.mimecast.com/u/assets/entypo/font/entypo.css

Requested by

Host: hzcu.login-us.mimecast.com
URL: https://hzcu.login-us.mimecast.com/u/login/?gta=secure&tkn=3.pwM9Vw-N1M5sGQn6KmlRd927ycEN3Qe6ql7ChF7aEA_nbc0qkTQLtKeHqr0t_N-9X6C02HfT0pvoU4mjwoVwd2dblYT-GhFhaDInx4lMgCC4wmO50b9VEXf9yb4W5dKH.vF7_5MlBI3Zo8fBL750veQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.211.31.108 Butler, United States, ASN14135 (NAVISITE-EAST-2, US),

Reverse DNS

service155-us.mimecast.com

Software

Resource Hash

7a24726189ec811cbf06e22aaabffbb801ac7053ab29639db0be79d4f1806c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://hzcu.login-us.mimecast.com/u/login/?gta=secure&tkn=3.pwM9Vw-N1M5sGQn6KmlRd927ycEN3Qe6ql7ChF7aEA_nbc0qkTQLtKeHqr0t_N-9X6C02HfT0pvoU4mjwoVwd2dblYT-GhFhaDInx4lMgCC4wmO50b9VEXf9yb4W5dKH.vF7_5MlBI3Zo8fBL750veQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 09:44:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 26 Oct 1985 13:15:00 GMT
X-Frame-Options: SAMEORIGIN
ETag: W/"1bFeKdjqrIM1bFeXeGTGzo--gzip"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding, User-Agent
Content-Length: 3613
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK font-awesome.css
hzcu.login-us.mimecast.com/u/assets/font-awesome/css/ 28 KB
6 KB 61ms
29ms Stylesheet
text/css 207.211.31.108
NAVISITE-EAST-2

General

Check archive.org

Show headers Download Go to

Full URL

https://hzcu.login-us.mimecast.com/u/assets/font-awesome/css/font-awesome.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.211.31.108 Butler, United States, ASN14135 (NAVISITE-EAST-2, US),

Reverse DNS

service155-us.mimecast.com

Software

Resource Hash

c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://hzcu.login-us.mimecast.com/u/login/?gta=secure&tkn=3.pwM9Vw-N1M5sGQn6KmlRd927ycEN3Qe6ql7ChF7aEA_nbc0qkTQLtKeHqr0t_N-9X6C02HfT0pvoU4mjwoVwd2dblYT-GhFhaDInx4lMgCC4wmO50b9VEXf9yb4W5dKH.vF7_5MlBI3Zo8fBL750veQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 09:44:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 27 Jan 2015 18:59:08 GMT
X-Frame-Options: SAMEORIGIN
ETag: W/"N3Tn8R86je0N3TmujP4DcY--gzip"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding, User-Agent
Content-Length: 5752
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK mimecast-icons.css
hzcu.login-us.mimecast.com/u/assets/mimecast-icons/css/ 10 KB
3 KB 291ms
230ms Stylesheet
text/css 207.211.31.108
NAVISITE-EAST-2

General

Check archive.org

Show headers Download Go to

Full URL

https://hzcu.login-us.mimecast.com/u/assets/mimecast-icons/css/mimecast-icons.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.211.31.108 Butler, United States, ASN14135 (NAVISITE-EAST-2, US),

Reverse DNS

service155-us.mimecast.com

Software

Resource Hash

a1d33188074b02e6b9be49187407105b4205fedffae6444afce0850ce8196afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://hzcu.login-us.mimecast.com/u/login/?gta=secure&tkn=3.pwM9Vw-N1M5sGQn6KmlRd927ycEN3Qe6ql7ChF7aEA_nbc0qkTQLtKeHqr0t_N-9X6C02HfT0pvoU4mjwoVwd2dblYT-GhFhaDInx4lMgCC4wmO50b9VEXf9yb4W5dKH.vF7_5MlBI3Zo8fBL750veQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 09:44:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 26 Oct 1985 13:15:00 GMT
X-Frame-Options: SAMEORIGIN
ETag: W/"DzfGxBy4g4kDzfGsCXBUc0--gzip"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding, User-Agent
Content-Length: 2466
X-XSS-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 93ms
45ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9f282849d1cf8f3649ab2b38ee674050c4516b9cafe0c8eb5be6f7f5ce6a529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://hzcu.login-us.mimecast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 09:33:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 01 Apr 2022 09:44:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Apr 2022 09:44:01 GMT

GET
H2 200 galindo.js Show response
static.srcspot.com/libs/ 84 KB
38 KB 99ms
21ms Script
application/javascript 35.190.8.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.srcspot.com/libs/galindo.js
Requested by: Host: hzcu.login-us.mimecast.com
URL: https://hzcu.login-us.mimecast.com/u/login/?gta=secure&tkn=3.pwM9Vw-N1M5sGQn6KmlRd927ycEN3Qe6ql7ChF7aEA_nbc0qkTQLtKeHqr0t_N-9X6C02HfT0pvoU4mjwoVwd2dblYT-GhFhaDInx4lMgCC4wmO50b9VEXf9yb4W5dKH.vF7_5MlBI3Zo8fBL750veQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.8.230 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 230.8.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0986f021b6610a9b691950cba3879bf04f1bc6c1a4c6cdf162279b00fe16a78f

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://hzcu.login-us.mimecast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 09:34:22 GMT
content-encoding: gzip
age: 580
x-guploader-uploadid: ADPycdvcvvKlFds3ui06cAGLMQdCpignSzypiHNO07sZPquzRPcbflrHRzP5rhurBV-ka8xK8G74uAG4_-ALqWmSoLvSsCJtQA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 38504
last-modified: Sun, 13 Mar 2022 11:57:33 GMT
server: UploadServer
etag: "7bcc74e4c1428b02fe262c7ec2744792"
x-goog-hash: crc32c=irsqiA==, md5=e8x05MFCiwL+Jix+wnRHkg==
x-goog-generation: 1647172653020570
cache-control: no-transform, public, max-age=900
x-goog-stored-content-length: 38504
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 01 Apr 2022 09:49:22 GMT

GET
H/1.1 200
OK cache.dc53e452b14a753e1d9f74f171f251ef.login-lib.js Show response
hzcu.login-us.mimecast.com/u/login/ 1 MB
370 KB 65ms
35ms Script
application/javascript 207.211.31.108
NAVISITE-EAST-2

General

Check archive.org

Show headers Download Go to

Full URL

https://hzcu.login-us.mimecast.com/u/login/cache.dc53e452b14a753e1d9f74f171f251ef.login-lib.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.211.31.108 Butler, United States, ASN14135 (NAVISITE-EAST-2, US),

Reverse DNS

service155-us.mimecast.com

Software

Resource Hash

e3c99ddcca57506135b6b0442ea7b36b36e0c4ff448d9edf55e1adcbe9591fea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://hzcu.login-us.mimecast.com/u/login/?gta=secure&tkn=3.pwM9Vw-N1M5sGQn6KmlRd927ycEN3Qe6ql7ChF7aEA_nbc0qkTQLtKeHqr0t_N-9X6C02HfT0pvoU4mjwoVwd2dblYT-GhFhaDInx4lMgCC4wmO50b9VEXf9yb4W5dKH.vF7_5MlBI3Zo8fBL750veQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 09:44:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Jan 2022 20:32:00 GMT
X-Frame-Options: SAMEORIGIN
ETag: W/"ptys49Ocagkptytna3fTPM--gzip"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=20160
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding, User-Agent
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cache.df1a8fbf961ceb54242fb898d3cb77bf.login.js Show response
hzcu.login-us.mimecast.com/u/login/ 204 KB
34 KB 96ms
64ms Script
application/javascript 207.211.31.108
NAVISITE-EAST-2

General

Check archive.org

Show headers Download Go to

Full URL

https://hzcu.login-us.mimecast.com/u/login/cache.df1a8fbf961ceb54242fb898d3cb77bf.login.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.211.31.108 Butler, United States, ASN14135 (NAVISITE-EAST-2, US),

Reverse DNS

service155-us.mimecast.com

Software

Resource Hash

033fa6084ac51ce7368c88d4c1c636c087fca444f65f080ee6da3ecb531a4d21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://hzcu.login-us.mimecast.com/u/login/?gta=secure&tkn=3.pwM9Vw-N1M5sGQn6KmlRd927ycEN3Qe6ql7ChF7aEA_nbc0qkTQLtKeHqr0t_N-9X6C02HfT0pvoU4mjwoVwd2dblYT-GhFhaDInx4lMgCC4wmO50b9VEXf9yb4W5dKH.vF7_5MlBI3Zo8fBL750veQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 09:44:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Jan 2022 20:32:00 GMT
X-Frame-Options: SAMEORIGIN
ETag: W/"nOqneNdaJgEnOqmBqkPs0A--gzip"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=20160
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding, User-Agent
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/0600cd7b-e6b2-4ba9-4249-ab1342c3631b/ 471 KB
146 KB 105ms
25ms Script
application/javascript 2600:9000:21da:b000:1f:aa31:7740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/0600cd7b-e6b2-4ba9-4249-ab1342c3631b/pendo.js
Requested by: Host: hzcu.login-us.mimecast.com
URL: https://hzcu.login-us.mimecast.com/u/login/?gta=secure&tkn=3.pwM9Vw-N1M5sGQn6KmlRd927ycEN3Qe6ql7ChF7aEA_nbc0qkTQLtKeHqr0t_N-9X6C02HfT0pvoU4mjwoVwd2dblYT-GhFhaDInx4lMgCC4wmO50b9VEXf9yb4W5dKH.vF7_5MlBI3Zo8fBL750veQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:b000:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9b479547faac9a889d26b94cf054bcfc7dcb4512b8289cad3482f395c1bc1cd0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://hzcu.login-us.mimecast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 09:42:28 GMT
Content-Encoding: gzip
Age: 95
X-GUploader-UploadID: ADPycdvC2ZPLClME9EQVNoM10IvFEuVbt40qWW5CtvuOeYNYa85LL2M6kLOjzM12CmzBfJkWZ3Jqn4B_j5XgIWLio6GoXqX9Bw
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 148316
Access-Control-Allow-Origin: *
Last-Modified: Thu, 31 Mar 2022 18:18:14 GMT
Server: UploadServer
ETag: "8dc41e94bc8c7b2699996aa99577258f"
Vary: Accept-Encoding
x-goog-hash: crc32c=QRlR6Q==, md5=jcQelLyMeyaZmWqplXcljw==
x-goog-generation: 1648750694733159
Via: 1.1 92f8ba2eac28a12283a77bc938ff1728.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 148316
X-Amz-Cf-Pop: EWR53-C1
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: 1fpqWLywjGY36ipuBHWWliMldc0HZ8eh2ECM0RVT3B5XN57rt3WTCw==
Expires: Fri, 01 Apr 2022 09:49:57 GMT

GET
H/1.1 200
OK en.json Show response
hzcu.login-us.mimecast.com/u/login/assets/languages/ 18 KB
6 KB 31ms
31ms XHR
application/json 207.211.31.108
NAVISITE-EAST-2

General

Check archive.org

Show headers Download Go to

Full URL

https://hzcu.login-us.mimecast.com/u/login/assets/languages/en.json?ver=1.5.16-1-20220121_1500

Requested by

Host: hzcu.login-us.mimecast.com
URL: https://hzcu.login-us.mimecast.com/u/login/cache.dc53e452b14a753e1d9f74f171f251ef.login-lib.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.211.31.108 Butler, United States, ASN14135 (NAVISITE-EAST-2, US),

Reverse DNS

service155-us.mimecast.com

Software

Resource Hash

534d3e23568bac4ef4df71a1535f12d940a95a085149edf427056dc993ec4272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://hzcu.login-us.mimecast.com/u/login/?gta=secure&tkn=3.pwM9Vw-N1M5sGQn6KmlRd927ycEN3Qe6ql7ChF7aEA_nbc0qkTQLtKeHqr0t_N-9X6C02HfT0pvoU4mjwoVwd2dblYT-GhFhaDInx4lMgCC4wmO50b9VEXf9yb4W5dKH.vF7_5MlBI3Zo8fBL750veQ
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 09:44:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Jan 2022 20:32:00 GMT
X-Frame-Options: SAMEORIGIN
ETag: W/"ni2zlJwt/9gni2y6uJ7DEI--gzip"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding, User-Agent
Content-Length: 5531
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK app-version.jsp Show response
hzcu.login-us.mimecast.com/u/login/ 22 B
500 B 30ms
30ms XHR
text/html 207.211.31.108
NAVISITE-EAST-2

General

Check archive.org

Show headers Download Go to

Full URL

https://hzcu.login-us.mimecast.com/u/login/app-version.jsp

Requested by

Host: hzcu.login-us.mimecast.com
URL: https://hzcu.login-us.mimecast.com/u/login/cache.dc53e452b14a753e1d9f74f171f251ef.login-lib.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.211.31.108 Butler, United States, ASN14135 (NAVISITE-EAST-2, US),

Reverse DNS

service155-us.mimecast.com

Software

Resource Hash

788c79ecdcf0789f4fd960c0fa35bedcd7e61cd2dbd0fd5bbf71cf1dd155ec4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://hzcu.login-us.mimecast.com/u/login/?gta=secure&tkn=3.pwM9Vw-N1M5sGQn6KmlRd927ycEN3Qe6ql7ChF7aEA_nbc0qkTQLtKeHqr0t_N-9X6C02HfT0pvoU4mjwoVwd2dblYT-GhFhaDInx4lMgCC4wmO50b9VEXf9yb4W5dKH.vF7_5MlBI3Zo8fBL750veQ
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Apr 2022 09:44:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/html;charset=utf-8
Cache-Control: private, max-age=0, no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, User-Agent
X-XSS-Protection: 1; mode=block

GET
H/1.1 500
Server Error bcugNHnSTyNzkznQ1Cx4egeyJhbGciOiJQQkVTMi1IUzI1NitBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIiwicDJjIjo4MTkyLCJwMnMiOiJnRWI3NzN5UVlDWDVrRExsIn0.Luz7npApFbqhKexbV9RHNACBIk7S02SN.8gMaUWXz9emAiSlP.vrKtI1iPvrRAcK3bV...
hzcu.login-us.mimecast.com/u/rest/branding/get-branding-item/ 32 KB
32 KB 3863ms
3863ms Image
text/html 207.211.31.108
NAVISITE-EAST-2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hzcu.login-us.mimecast.com/u/rest/branding/get-branding-item/bcugNHnSTyNzkznQ1Cx4egeyJhbGciOiJQQkVTMi1IUzI1NitBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIiwicDJjIjo4MTkyLCJwMnMiOiJnRWI3NzN5UVlDWDVrRExsIn0.Luz7npApFbqhKexbV9RHNACBIk7S02SN.8gMaUWXz9emAiSlP.vrKtI1iPvrRAcK3bVjUovJGxpR1WxqTKoW_fUh5CmMlqnI-f-ZKEavTJvf0_A10w6m2gflMs5FLaj3VIXfU53buMV3XZZQmyK8LqBP3QLvrfoZTNlI3tyOVzc5ExNe6ubkuqVYMRKTnFuAH5Ebp_ukl8OsZSb9hHncWqwP6Ch5aUjY0JC4DQOtR8xlOjPpB69Qa47q8xq-7SP-a-HrmN6RZ665tsjRAaj2kWJBKJaZEof9L4gnQ8VcIuvIJpQdV8hct57ySwBCZRaNUJ-wPRfmEuYCcgxejnVsmQRKJ8TmcHh4mlNry437FwJylFUev4vRYyl-pCFD4q8lQdAdp6uJtvDQ9ReW_QyFoK7mRXjGGc1YRQpMvawHExCaIIwdq0U4NJjSoUtKFO74xI4gnsyrY8AsxXW9o9xfa6sGd3iTZt5yzrGntkX7zGKcK16Co5Uvbe2okjOU_G-iiLA5ezIEQoOBkDmljnQLrdDyhpNp0Kh-aZwJUM0Z3ax4iEPIjuEYrVWYO2daQMvgYS5m37ZX523YmbD7notYLN5MndMSc83Fc8NJ7a-n06JaUuwlEfrA.J31Hi7qXnXzwMoGWTD2FFg?tkn=hzcu

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.211.31.108 Butler, United States, ASN14135 (NAVISITE-EAST-2, US),

Reverse DNS

service155-us.mimecast.com

Software

Resource Hash

af07a9ef43f1eec09b9378ee448e7fe6b0eac9c63b91c7eefe5cd3c6a339b52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://hzcu.login-us.mimecast.com/u/login/?gta=secure&tkn=3.pwM9Vw-N1M5sGQn6KmlRd927ycEN3Qe6ql7ChF7aEA_nbc0qkTQLtKeHqr0t_N-9X6C02HfT0pvoU4mjwoVwd2dblYT-GhFhaDInx4lMgCC4wmO50b9VEXf9yb4W5dKH.vF7_5MlBI3Zo8fBL750veQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Date: Fri, 01 Apr 2022 09:44:06 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: text/html;charset=utf-8
Cache-Control: private, max-age=0, no-cache, no-store
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 73ms
20ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hzcu.login-us.mimecast.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 22:46:05 GMT
x-content-type-options: nosniff
age: 212277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Mar 2023 22:46:05 GMT

GET
H/1.1 200
OK lang-en.js Show response
hzcu.login-us.mimecast.com/u/login/language/ 0
442 B 30ms
30ms Script
application/javascript 207.211.31.108
NAVISITE-EAST-2

General

Check archive.org

Show headers Download Go to

Full URL

https://hzcu.login-us.mimecast.com/u/login/language/lang-en.js

Requested by

Host: hzcu.login-us.mimecast.com
URL: https://hzcu.login-us.mimecast.com/u/login/cache.dc53e452b14a753e1d9f74f171f251ef.login-lib.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.211.31.108 Butler, United States, ASN14135 (NAVISITE-EAST-2, US),

Reverse DNS

service155-us.mimecast.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://hzcu.login-us.mimecast.com/u/login/?gta=secure&tkn=3.pwM9Vw-N1M5sGQn6KmlRd927ycEN3Qe6ql7ChF7aEA_nbc0qkTQLtKeHqr0t_N-9X6C02HfT0pvoU4mjwoVwd2dblYT-GhFhaDInx4lMgCC4wmO50b9VEXf9yb4W5dKH.vF7_5MlBI3Zo8fBL750veQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Fri, 01 Apr 2022 09:44:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Jan 2022 20:31:56 GMT
X-Frame-Options: SAMEORIGIN
ETag: W/"9X2mm1yznhc9X2n5SLlNHc"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding, User-Agent
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2 200 0600cd7b-e6b2-4ba9-4249-ab1342c3631b
app.pendo.io/data/ptm.gif/ 42 B
280 B 153ms
84ms Image
image/gif 2607:f8b0:4006:808::2013

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.pendo.io/data/ptm.gif/0600cd7b-e6b2-4ba9-4249-ab1342c3631b?v=2.130.0_prod&ct=1648806246304&jzb=eJztk0tvo0gbhf8LI80qtosCg4kUtTDBNzAYjN3Yo0-ogDLYLm7FLdDKf2-czESz6t0sPql31OG8h7fEef76wVRdjplnJsEVYp4Yn2ZtialXXZNBZQV-NgMC5AU4456Y5lpeq4x613AY8Haq8Wp6judqSo3t8k4v_BCAgiCr0-rDk9aEPDE1JYM9rqq8fJ5M4j6oxySLrumoLsfJ8JkAldU4yJJJPfnQJ9-iCr2UOKgp_rO6py_cOG-30rEdGex2Wi6tVNASYocSFLtANTgLCwURlXghIlX2Uj8Axd2x9ErDq4KCyjNGkisoAK4uDsib7MAntzY7tiEMfXJyRst4EaPXdfrGk22kKHybmFPgS0fVvUidz3-fhtpq3CxEb7ol8zV3zmaXuS5OQYOtPz4X_pbgskQRfsFGbtxYVm97-WDtJN0lAKwgRK_xInV7P5ybRF2p-hpUFWJ7dNufysxLQ-eMddqcw75vWPW17C2LhZF5KBw9gDRIEzkfXbqQhu25kEiSlVy3opjW5lGci6ZNVdsUQ6lhm83oilh4CiESbj3hm2p73_bsetPXmb6EpdFKu5O8OuecJe2296UnNXsQYflq88e17_Ijj6_bN3cWg9ay7dJWgnzT2XuZMy1J2melJtX1fnNeqIUybU-aq96VbM1qdmK2xDrpzREnRS2Lds_LZbHp4HZkdTtAKYqjhr_7Zm85QeZcZJr3uM7zxXpp9bJT1Bv1dvgenLb02PTT5VI7ADpPJWVmxapco-C6PKmG0QCzEBQndoSiEESSX0YtKrhIXAXQ8KXdwcDA6Eg0FDCnWV4yzz_-aevj8VeFJSiN6uHvDQ6ceoc98_5V4mF0OOSI4rSS_y2FqHr4ATsB_AQCCIecBtPymqWDDMcsB8bAGzYJH2mfAQ7y119MVJ8HRhJZOlO0-wppxHFJPORcKErwx0vdZ12C3wxeYKdL27YeeHYVHi4n8fD96QtdkqHwl-gKv9H9je7_E7qPRv_dY1EQZv8JQzPIvf_vJ6DKUqk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2013 -, , ASN (),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://hzcu.login-us.mimecast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 09:44:06 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-max-age: 600
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
content-length: 42

GET
H2 200 0600cd7b-e6b2-4ba9-4249-ab1342c3631b Show response
app.pendo.io/data/guide.js/ 69 KB
18 KB 205ms
141ms Script
application/javascript 2607:f8b0:4006:808::2013

General

Check archive.org

Show headers Download Go to

Full URL

https://app.pendo.io/data/guide.js/0600cd7b-e6b2-4ba9-4249-ab1342c3631b?jzb=eJx9kluvojoYhv8LO9lXg5aKsrqSlQkiHjkIoqPekAoV0HJqKYzsrP8-rNnJZF_tu35vnu-Q9PlHajOeNSXbxNK7FO5NZ-GGQXjeGYL4_MnuqvRNwlFUiqL5QgpB6TdJMDrQadNU_H08TvtIjGiZZIUs-CjPchJh3oyiMh-L8e98_D1p8AcnkWDk7-ZZfExGVWejUyc7ij3lK6-Y7XLqxwhqr8h0Jh6Z1VQz0qWGTT0sbhGon4FnNTuyrhloQkdG55kB4PoegKotj2r-6MpTF8P4Ri-BvEqXKV5sip8qtRPDULvcnYIbOpnnO3rd1B_TeLcetUstnNp0vplcy7f73NKmoCXeX_8e_D0nnOOEfBCnch6KYnW9fvT2yDpTANYQ4kW6LM79LZ671Fyb1gY0DVZ6_DhceBkWcXAlFmuvcd-3irngvecpMHGPdWBFkEVFrlfy_RWzuLvWiOYln7zWjDDhnrS55vrM9F0tRq3SbuUMK_ASQzx79FRtG_tp98pm24vSWkHudGh_0dfXauKhvf1chag9gIToma-eNrezKoeq6H6e31LQeb7PfSOqti__oE9cD6FDyXdIiMP2ujRrY9pddmfzaZQbZefnbke9i9WeSF4LXfN7Vef19gVt2XvtAWM4TVr1eXN7L4jK4K6zqieiqpabldfrQS225uP4I7rY7NT209VqdwRsXiDjzUtNXeAoW11Mx2mBW8-MIA1mdT3TaHWXO1xPEm0dQeeG9keHAOdFk8G_nDQ4xg2W3v_o-vXM_kdZiotEDB84EKQIjwfp84_GQ-tQVJiRotH_Gw0rvnigjIE6hgDCYU5LGM_KYojhSJmAEQgrVsbS5-cvPAIUSQ&v=2.130.0_prod&ct=1648806246307

Requested by

Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/0600cd7b-e6b2-4ba9-4249-ab1342c3631b/pendo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2013 -, , ASN (),

Reverse DNS

Software

Resource Hash

902735b1e64cdf2890bb3acc4deb42783055b469a1449628a8fd65d689963c13

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://hzcu.login-us.mimecast.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 09:44:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/javascript
via: 1.1 google
access-control-max-age: 600
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization

GET guide.-323232.1641566401970.css
pendo-static-5707797427912704.storage.googleapis.com/ 0
0

GET BY-6PfhcHYSA3Ge-Fq5aTfq0-4s.dom.jsonp
pendo-static-5707797427912704.storage.googleapis.com/guide-content/7SHTPNi_Xpm4UJSECcvOI9Ne9TM@sn9p0ljv8dushqgktXFohVVCLNU/WmvWv3yoJPY5zIiS-0_34FvCVEw/ 0
0

GET ks2hWpyJMSerZmPRjZD6X5kwOtA.dom.jsonp
pendo-static-5707797427912704.storage.googleapis.com/guide-content/67e9EH2nmGI2q8_wiKCr04V4ODs/8kb8zIKou5PV4zS4XX0acvJnkAY/ 0
0

GET wGXiFc-bRALWjjfRmLVMhekoL7U.dom.jsonp
pendo-static-5707797427912704.storage.googleapis.com/guide-content/15p-yJX8ecYNaarLsYBwSeHKaRE/CHS-ojsxsX_MnoPhtRe0TKQLBvQ/ 0
0

GET 1MoIhXy7eApwUv4qn2okN-UfONw.dom.jsonp
pendo-static-5707797427912704.storage.googleapis.com/guide-content/EWuuX_o4U-xRldBOqT-LYFc69fQ@sn9p0ljv8dushqgktXFohVVCLNU/Imtq1OAS7QR5--1wWyrbg1YVU2c/ 0
0

GET umpri5iR61Vn0pIpcGXT7OBN1FM.guide.js
pendo-static-5707797427912704.storage.googleapis.com/guide-content/EWuuX_o4U-xRldBOqT-LYFc69fQ@sn9p0ljv8dushqgktXFohVVCLNU/Imtq1OAS7QR5--1wWyrbg1YVU2c/ 0
0

GET NJ-2jv853v7oWvrBiE5h2o8dCmE.guide.css
pendo-static-5707797427912704.storage.googleapis.com/guide-content/EWuuX_o4U-xRldBOqT-LYFc69fQ@sn9p0ljv8dushqgktXFohVVCLNU/Imtq1OAS7QR5--1wWyrbg1YVU2c/ 0
0

GET q13Y5GGKrpxNyL1_Tv1vbkuj2Jw.dom.jsonp
pendo-static-5707797427912704.storage.googleapis.com/guide-content/yyTjAbf0U6P4FyCht9PDC37PECc@sn9p0ljv8dushqgktXFohVVCLNU/wNNiK8f0SEITG_a7n9-tBCaxh-s/ 0
0

GET oU7vR0eknmYUs-bIcC3DEO9ACtA.guide.js
pendo-static-5707797427912704.storage.googleapis.com/guide-content/yyTjAbf0U6P4FyCht9PDC37PECc@sn9p0ljv8dushqgktXFohVVCLNU/wNNiK8f0SEITG_a7n9-tBCaxh-s/ 0
0

GET NDI27fSMuSEHHopheunoud0g1ss.dom.jsonp
pendo-static-5707797427912704.storage.googleapis.com/guide-content/dP9u1Yj5gYondtURXeRiqcUqNWc@sn9p0ljv8dushqgktXFohVVCLNU/HSnzFk61g0hDIbg3_i1hMHRvVR0/ 0
0

GET vnnDUCcqfsNuBBWIjd4pcCi-2X4.guide.js
pendo-static-5707797427912704.storage.googleapis.com/guide-content/dP9u1Yj5gYondtURXeRiqcUqNWc@sn9p0ljv8dushqgktXFohVVCLNU/HSnzFk61g0hDIbg3_i1hMHRvVR0/ 0
0

GET oqtaoRe4R18hkIdR4O_20l2GLu0.guide.css
pendo-static-5707797427912704.storage.googleapis.com/guide-content/dP9u1Yj5gYondtURXeRiqcUqNWc@sn9p0ljv8dushqgktXFohVVCLNU/HSnzFk61g0hDIbg3_i1hMHRvVR0/ 0
0

GET JYnSZ5_o1kj4FfnEXBhrY_bV_ac.dom.jsonp
pendo-static-5707797427912704.storage.googleapis.com/guide-content/zEjbHDG91TLcfCdFOKDMaigHnB8@sn9p0ljv8dushqgktXFohVVCLNU/MJsaWPm9qU58xZQVTZCt959W7Y4/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pendo-static-5707797427912704.storage.googleapis.com
URL: https://pendo-static-5707797427912704.storage.googleapis.com/guide.-323232.1641566401970.css

Domain: pendo-static-5707797427912704.storage.googleapis.com
URL: https://pendo-static-5707797427912704.storage.googleapis.com/guide-content/7SHTPNi_Xpm4UJSECcvOI9Ne9TM@sn9p0ljv8dushqgktXFohVVCLNU/WmvWv3yoJPY5zIiS-0_34FvCVEw/BY-6PfhcHYSA3Ge-Fq5aTfq0-4s.dom.jsonp?sha256=WtJ_Rlv3kcrcZa4QzaAVzxN2UJ-SJJ-84Thbwl6yBwM

Domain: pendo-static-5707797427912704.storage.googleapis.com
URL: https://pendo-static-5707797427912704.storage.googleapis.com/guide-content/67e9EH2nmGI2q8_wiKCr04V4ODs/8kb8zIKou5PV4zS4XX0acvJnkAY/ks2hWpyJMSerZmPRjZD6X5kwOtA.dom.jsonp?sha256=dDlyBu4C2V8qJGl8SWBHG7AX3DR8m5noDhI7eFICmLQ

Domain: pendo-static-5707797427912704.storage.googleapis.com
URL: https://pendo-static-5707797427912704.storage.googleapis.com/guide-content/15p-yJX8ecYNaarLsYBwSeHKaRE/CHS-ojsxsX_MnoPhtRe0TKQLBvQ/wGXiFc-bRALWjjfRmLVMhekoL7U.dom.jsonp?sha256=R3d2NxzhN_EztIQ3vsnvvri8Ebt9w0asxAo23VvXj2Q

Domain: pendo-static-5707797427912704.storage.googleapis.com
URL: https://pendo-static-5707797427912704.storage.googleapis.com/guide-content/EWuuX_o4U-xRldBOqT-LYFc69fQ@sn9p0ljv8dushqgktXFohVVCLNU/Imtq1OAS7QR5--1wWyrbg1YVU2c/1MoIhXy7eApwUv4qn2okN-UfONw.dom.jsonp?sha256=6n1aijOx-oKN63dNYoOwptZQ7PZVIteKiiWTtNb0lIA

Domain: pendo-static-5707797427912704.storage.googleapis.com
URL: https://pendo-static-5707797427912704.storage.googleapis.com/guide-content/EWuuX_o4U-xRldBOqT-LYFc69fQ@sn9p0ljv8dushqgktXFohVVCLNU/Imtq1OAS7QR5--1wWyrbg1YVU2c/umpri5iR61Vn0pIpcGXT7OBN1FM.guide.js?sha256=QylHYPKKZoN1LpfSZwrOt-Lac6rhYEOeegHDiE44AGY

Domain: pendo-static-5707797427912704.storage.googleapis.com
URL: https://pendo-static-5707797427912704.storage.googleapis.com/guide-content/EWuuX_o4U-xRldBOqT-LYFc69fQ@sn9p0ljv8dushqgktXFohVVCLNU/Imtq1OAS7QR5--1wWyrbg1YVU2c/NJ-2jv853v7oWvrBiE5h2o8dCmE.guide.css?sha256=9lhkYz5ELE3r3uph6sB4dzEQOAYcTrQ5ZK8JEMtzh9E

Domain: pendo-static-5707797427912704.storage.googleapis.com
URL: https://pendo-static-5707797427912704.storage.googleapis.com/guide-content/yyTjAbf0U6P4FyCht9PDC37PECc@sn9p0ljv8dushqgktXFohVVCLNU/wNNiK8f0SEITG_a7n9-tBCaxh-s/q13Y5GGKrpxNyL1_Tv1vbkuj2Jw.dom.jsonp?sha256=tLEAAd3ZOlTyN2Mvyr2SeRRglSnqVO7BChEInKDgUFE

Domain: pendo-static-5707797427912704.storage.googleapis.com
URL: https://pendo-static-5707797427912704.storage.googleapis.com/guide-content/yyTjAbf0U6P4FyCht9PDC37PECc@sn9p0ljv8dushqgktXFohVVCLNU/wNNiK8f0SEITG_a7n9-tBCaxh-s/oU7vR0eknmYUs-bIcC3DEO9ACtA.guide.js?sha256=Z3xONIWn8wDdwucp5OopIrUkyhOEnC4uDqguwCELGWY

Domain: pendo-static-5707797427912704.storage.googleapis.com
URL: https://pendo-static-5707797427912704.storage.googleapis.com/guide-content/dP9u1Yj5gYondtURXeRiqcUqNWc@sn9p0ljv8dushqgktXFohVVCLNU/HSnzFk61g0hDIbg3_i1hMHRvVR0/NDI27fSMuSEHHopheunoud0g1ss.dom.jsonp?sha256=rt0sH1Ee8nQFJUxQhWaTMYuBPBH1u0goaCBaCuf0I4M

Domain: pendo-static-5707797427912704.storage.googleapis.com
URL: https://pendo-static-5707797427912704.storage.googleapis.com/guide-content/dP9u1Yj5gYondtURXeRiqcUqNWc@sn9p0ljv8dushqgktXFohVVCLNU/HSnzFk61g0hDIbg3_i1hMHRvVR0/vnnDUCcqfsNuBBWIjd4pcCi-2X4.guide.js?sha256=YoOVgRgCEjQMEVhtPDpXuTrs8Q-J2WZCKK4J4iGbP7k

Domain: pendo-static-5707797427912704.storage.googleapis.com
URL: https://pendo-static-5707797427912704.storage.googleapis.com/guide-content/dP9u1Yj5gYondtURXeRiqcUqNWc@sn9p0ljv8dushqgktXFohVVCLNU/HSnzFk61g0hDIbg3_i1hMHRvVR0/oqtaoRe4R18hkIdR4O_20l2GLu0.guide.css?sha256=Wi2FJ287sAohUChB4VkWmQVpaacGa5Kp7O35gghy2_M

Domain: pendo-static-5707797427912704.storage.googleapis.com
URL: https://pendo-static-5707797427912704.storage.googleapis.com/guide-content/zEjbHDG91TLcfCdFOKDMaigHnB8@sn9p0ljv8dushqgktXFohVVCLNU/MJsaWPm9qU58xZQVTZCt959W7Y4/JYnSZ5_o1kj4FfnEXBhrY_bV_ac.dom.jsonp?sha256=PRyBy5H6BMXuAV3Gx9n2_VGPi5VKFf0JjT8S8QHjovA

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hzcu.login-us.mimecast.com/u/rest/branding/get-branding-item/bcugNHnSTyNzkznQ1Cx4egeyJhbGciOiJQQkVTMi1IUzI1NitBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIiwicDJjIjo4MTkyLCJwMnMiOiJnRWI3NzN5UVlDWDVrRExsIn0.Luz7npApFbqhKexbV9RHNACBIk7S02SN.8gMaUWXz9emAiSlP.vrKtI1iPvrRAcK3bVjUovJGxpR1WxqTKoW_fUh5CmMlqnI-f-ZKEavTJvf0_A10w6m2gflMs5FLaj3VIXfU53buMV3XZZQmyK8LqBP3QLvrfoZTNlI3tyOVzc5ExNe6ubkuqVYMRKTnFuAH5Ebp_ukl8OsZSb9hHncWqwP6Ch5aUjY0JC4DQOtR8xlOjPpB69Qa47q8xq-7SP-a-HrmN6RZ665tsjRAaj2kWJBKJaZEof9L4gnQ8VcIuvIJpQdV8hct57ySwBCZRaNUJ-wPRfmEuYCcgxejnVsmQRKJ8TmcHh4mlNry437FwJylFUev4vRYyl-pCFD4q8lQdAdp6uJtvDQ9ReW_QyFoK7mRXjGGc1YRQpMvawHExCaIIwdq0U4NJjSoUtKFO74xI4gnsyrY8AsxXW9o9xfa6sGd3iTZt5yzrGntkX7zGKcK16Co5Uvbe2okjOU_G-iiLA5ezIEQoOBkDmljnQLrdDyhpNp0Kh-aZwJUM0Z3ax4iEPIjuEYrVWYO2daQMvgYS5m37ZX523YmbD7notYLN5MndMSc83Fc8NJ7a-n06JaUuwlEfrA.J31Hi7qXnXzwMoGWTD2FFg?tkn=hzcu Message: Failed to load resource: the server responded with a status of 500 (Server Error)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.pendo.io
cdn.pendo.io
fonts.googleapis.com
fonts.gstatic.com
hzcu.login-us.mimecast.com
pendo-static-5707797427912704.storage.googleapis.com
protect-us.mimecast.com
static.srcspot.com
pendo-static-5707797427912704.storage.googleapis.com
205.139.111.117
207.211.31.108
2600:9000:21da:b000:1f:aa31:7740:93a1
2607:f8b0:4006:808::2013
2607:f8b0:4006:80a::200a
2607:f8b0:4006:821::2003
35.190.8.230
033fa6084ac51ce7368c88d4c1c636c087fca444f65f080ee6da3ecb531a4d21
0986f021b6610a9b691950cba3879bf04f1bc6c1a4c6cdf162279b00fe16a78f
36d2b91a269b2bcba837c686feaf2f2e808875e40f2ab7e9bb106df96324d601
534d3e23568bac4ef4df71a1535f12d940a95a085149edf427056dc993ec4272
788c79ecdcf0789f4fd960c0fa35bedcd7e61cd2dbd0fd5bbf71cf1dd155ec4a
7a24726189ec811cbf06e22aaabffbb801ac7053ab29639db0be79d4f1806c1d
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
902735b1e64cdf2890bb3acc4deb42783055b469a1449628a8fd65d689963c13
9b479547faac9a889d26b94cf054bcfc7dcb4512b8289cad3482f395c1bc1cd0
a1d33188074b02e6b9be49187407105b4205fedffae6444afce0850ce8196afb
af07a9ef43f1eec09b9378ee448e7fe6b0eac9c63b91c7eefe5cd3c6a339b52b
c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c99ddcca57506135b6b0442ea7b36b36e0c4ff448d9edf55e1adcbe9591fea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9f282849d1cf8f3649ab2b38ee674050c4516b9cafe0c8eb5be6f7f5ce6a529

hzcu.login-us.mimecast.com Open in urlscan Pro 207.211.31.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

55 %HTTPS

57 %IPv6

5 Domains

8 Subdomains

7 IPs

1 Countries

778 kBTransfer

2934 kBSize

0 Cookies

5 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

hzcu.login-us.mimecast.com Open in urlscan Pro
207.211.31.108 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

55 %
HTTPS

57 %
IPv6

5
Domains

8
Subdomains

7
IPs

1
Countries

778 kB
Transfer

2934 kB
Size

0
Cookies

29 HTTP transactions
0 data transactions